port trunk permit vlan

Syntax

port trunk permit vlan { vlan-list | all }

undo port trunk permit vlan { vlan-list | all }

View

Layer 2 Ethernet interface view, port group view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

vlan-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The value for vlan-id2 must be equal to or greater than the value for vlan-id1.

all: Permits all VLANs to pass through the trunk ports.

Description

Use port trunk permit vlan to assign the trunk ports to the specified VLANs.

Use undo port trunk permit vlan to remove the trunk ports from the specified VLANs.

By default, a trunk port allows only packets from VLAN 1 to pass through.

A trunk port can carry multiple VLANs. If you execute the port trunk permit vlan command multiple times, the trunk port carries the set of VLANs specified by vlan-list in each execution.

On a trunk port, only traffic of the PVID can pass through untagged.

The configuration made in Layer 2 Ethernet interface view applies only to the port.

The configuration made in port group view applies to all ports in the port group.

The configuration made in Layer 2 aggregate interface view applies to the aggregate interface and its aggregation member ports.

If the system fails to apply the configuration to the aggregate interface, it stops applying the configuration to aggregation member ports.
If the system fails to apply the configuration to an aggregation member port, it skips the port and moves to the next member port.

To prevent unauthorized VLAN users from accessing restricted resources through a port, use the port trunk permit vlan all command with caution on the port.

Related commands: port link-type.

Examples

# Assign the trunk port Ethernet 1/0/1 to VLAN 2, VLAN 4, and VLAN 50 through VLAN 100.

<Sysname> system-view
[Sysname] interface ethernet 1/0/1
[Sysname-Ethernet1/0/1] port link-type trunk
[Sysname-Ethernet1/0/1] port trunk permit vlan 2 4 50 to 100
Please wait........... Done.

# Assign the trunk Layer 2 aggregate interface Bridge-Aggregation 1 to VLAN 2.

<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type trunk
[Sysname-Bridge-Aggregation1] port trunk permit vlan 2
 Please wait... Done.
 Configuring Ethernet1/0/1... Done.
 Configuring Ethernet1/0/2... Done.
 Configuring Ethernet1/0/3... Done.

The output shows that Ethernet 1/0/1, Ethernet 1/0/2, and Ethernet 1/0/3 are the member ports of the aggregation group corresponding to Bridge-Aggregation 1.

prev	up	next
port link-type	home	port trunk pvid