Auto-mode MFF configuration example in a ring network

Network requirements

As shown in Figure 154, all the devices are in VLAN 100, and the switches form a ring. Hosts A, B, and C obtain IP addresses from the DHCP server.

Configure MFF to isolate the hosts at Layer 2 and allow them to communicate with each other through the gateway at Layer 3.

Figure 153: Network diagram

Configuration procedure

  1. Configure the IP addresses of the gateway and the DHCP server, as shown in Figure 154.

  2. Configure Switch A:

    # Enable DHCP snooping.

    <SwitchA> system-view
    [SwitchA] dhcp snooping enable
    

    # Enable STP globally to make sure STP is enabled on interfaces.

    [SwitchA] stp global enable
    

    # Enable MFF in automatic mode on VLAN 100.

    [SwitchA] vlan 100
    [SwitchA-vlan100] mac-forced-forwarding auto

    # Specify 10.1.1.50 as the IP address of the DHCP server.

    [SwitchA-vlan100] mac-forced-forwarding server 10.1.1.50
    [SwitchA-vlan100] quit
    

    # Configure GigabitEthernet 1/0/2 as a network port.

    [SwitchA] interface gigabitethernet 1/0/2
    [SwitchA-GigabitEthernet1/0/2] mac-forced-forwarding network-port
    

    # Configure GigabitEthernet 1/0/2 as a DHCP snooping trusted port.

    [SwitchA-GigabitEthernet1/0/2] dhcp snooping trust
    [SwitchA-GigabitEthernet1/0/2] quit
    

    # Configure GigabitEthernet 1/0/3 as a network port.

    [SwitchA] interface gigabitethernet 1/0/3
    [SwitchA-GigabitEthernet1/0/3] mac-forced-forwarding network-port
    

    # Configure GigabitEthernet 1/0/3 as a DHCP snooping trusted port.

    [SwitchA-GigabitEthernet1/0/3] dhcp snooping trust
    
  3. Configure Switch B:

    # Enable DHCP snooping.

    <SwitchB> system-view
    [SwitchB] dhcp snooping enable
    

    # Enable STP globally to make sure STP is enabled on interfaces.

    [SwitchB] stp global enable
    

    # Enable MFF in automatic mode on VLAN 100.

    [SwitchB] vlan 100
    [SwitchB-vlan100] mac-forced-forwarding auto

    # Specify 10.1.1.50 as the IP address of the DHCP server.

    [SwitchB-vlan100] mac-forced-forwarding server 10.1.1.50
    [SwitchB-vlan100] quit
    

    # Configure GigabitEthernet 1/0/1 as a network port.

    [SwitchB] interface gigabitethernet 1/0/1
    [SwitchB-GigabitEthernet1/0/1] mac-forced-forwarding network-port
    

    # Configure GigabitEthernet 1/0/1 as a DHCP snooping trusted port.

    [SwitchB-GigabitEthernet1/0/1] dhcp snooping trust
    [SwitchB-GigabitEthernet1/0/1] quit
    

    # Configure GigabitEthernet 1/0/3 as a network port.

    [SwitchB] interface gigabitethernet 1/0/3
    [SwitchB-GigabitEthernet1/0/3] mac-forced-forwarding network-port
    

    # Configure GigabitEthernet 1/0/3 as a DHCP snooping trusted port.

    [SwitchB-GigabitEthernet1/0/3] dhcp snooping trust
    
  4. Enable STP on Switch C globally to make sure STP is enabled on interfaces.

    <SwitchC> system-view
    [SwitchC] stp global enable
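
The following added example (not part of the original configuration guide) audits a saved switch configuration against the settings this procedure applies: DHCP snooping enabled when a VLAN uses auto-mode MFF, STP enabled globally, and every MFF network port also set as a DHCP snooping trusted port. The sample configuration is constructed, and the `display current-configuration` layout it uses (sections separated by `#`, commands indented by one space) is an assumption, as are the function names.

```python
# Constructed sample in "display current-configuration" style (not from a real device).
# GigabitEthernet1/0/3 deliberately lacks "dhcp snooping trust".
SAMPLE_CONFIG = """\
#
 dhcp snooping enable
#
 stp global enable
#
vlan 100
 mac-forced-forwarding auto
 mac-forced-forwarding server 10.1.1.50
#
interface GigabitEthernet1/0/2
 mac-forced-forwarding network-port
 dhcp snooping trust
#
interface GigabitEthernet1/0/3
 mac-forced-forwarding network-port
#
"""

def parse_sections(text):
    """Split a config into {section header: [commands]}; global commands go under ''."""
    sections, current = {"": []}, ""
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.strip() == "#":
            current = ""          # '#' closes the current section
            continue
        if not line.startswith(" "):
            current = line        # unindented line opens a view (vlan, interface)
            sections.setdefault(current, [])
        else:
            sections[current].append(line.strip())
    return sections

def audit_mff(text):
    """Return findings where the config departs from the procedure on this page."""
    sec, findings = parse_sections(text), []
    mff_vlans = [h for h, c in sec.items()
                 if h.startswith("vlan ") and "mac-forced-forwarding auto" in c]
    if mff_vlans and "dhcp snooping enable" not in sec[""]:
        findings.append("auto-mode MFF configured but DHCP snooping is not enabled")
    if "stp global enable" not in sec[""]:
        findings.append("STP is not enabled globally")
    for h, c in sec.items():
        is_net = h.startswith("interface ") and "mac-forced-forwarding network-port" in c
        if is_net and "dhcp snooping trust" not in c:
            findings.append(f"{h}: MFF network port is not a DHCP snooping trusted port")
    return findings
```

Calling `audit_mff(SAMPLE_CONFIG)` reports GigabitEthernet1/0/3, the one network port in the sample that was left untrusted.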