Static VLAN operation

Static VLANs are configured with a name, VLAN ID number (VID) and port members. For dynamic VLANs, see GVRP. 802.1Q compatibility enables you to assign each switch port to multiple VLANs.

Port based and protocol based VLAN

Function

Port-Based VLANs

Protocol-Based VLANs

IP Addressing

Usually configured with at least one unique IP address.

A port-based VLAN can have no IP address. However, this limits switch features available to ports on that VLAN. See "How IP addressing affects switch operation" in the chapter "Configuring IP Addressing" in the Basic Operation Guide for the switch.

Multiple IP addresses allow multiple subnets within the same VLAN. See the chapter on "Configuring IP Addressing" in the ArubaOS-Switch Basic Operation Guide for the switch.

You can configure IP addresses on all protocol VLANs, but IP addressing is used only on IPv4 and IPv6 VLANs.

Restrictions:

Loopback interfaces share the same IP address space with VLAN configurations.

The maximum number of IP addresses supported on a switch is 2048; this includes all IP addresses configured for both VLANs and loopback interfaces (except for the default loopback IP address 127.0.0.1).

Each IP address configured on a VLAN interface must be unique in the switch; it cannot be used by a VLAN interface or another loopback interface.

For more information, see the chapter on "Configuring IP Addressing" in the ArubaOS-Switch Basic Operation Guide.

Untagged VLAN Membership

A port can be a member of one untagged, port-based VLAN. All other port-based VLAN assignments for that port must be tagged.

A port can be an untagged member of one protocol VLAN of a specific protocol type, such as IPX or IPv6. If the same protocol type is configured in multiple protocol VLANs, then a port can be an untagged member of only one of those. For example, if you have two protocol VLANs, 100 and 200 and both include IPX, then a port can be an untagged member of either VLAN 100 or VLAN 200, but not both.

A port's untagged VLAN memberships can include up to four different protocol types. It can be an untagged member of one of the following:
  • Four single-protocol VLANs

  • Two protocol VLANs where one VLAN includes a single protocol and the other includes up to three protocols

  • One protocol VLAN where the VLAN includes four protocols.

Tagged VLAN Membership

A port can be a tagged member of any port-based VLAN.

A port can be a tagged member of any protocol-based VLAN.

Routing

If the switch configuration enables IP routing, the switch can internally route IP (IPv4) traffic between port-based VLANs and between port-based and IPv4 protocol-based VLANs.

If the switch is not configured to route traffic internally between port-based VLANs, then an external router must be used to move traffic between VLANs.

If the switch configuration enables IP routing, the switch can internally route IPv4 traffic as follows:
  • Between multiple IPv4 protocol-based VLANs

  • Between IPv4 protocol-based VLANs and port-based VLANs.

Other protocol-based VLANs require an external router for moving traffic between VLANs.
NOTE:

NETbeui and SNA are non-routable protocols. End stations intended to receive traffic in these protocols must be attached to the same physical network.

Commands for Configuring Static VLANs


vlan <vid> {tagged | untagged <port-list>}

vlan <vid> protocol {ipx | ipv4 | ipv6 | arp | appletalk | sna | netbeui}

vlan <vid> {tagged | untagged <port-list>}