• Tag : vlan

 
 

Find the next free VLAN id

If you have a lot of VLANs to manage, finding unused, available VLAN ids can be a challenge. Here’s a short alias to do exactly that (with the help of our customer Mateusz Blaszczyk): alias next-vlan show vlan | awk -v a=`echo %1 ` '$1 ~ /[0-9]/ && $1==a { ++a }; END { print a }' alias next-vlan-h bash echo -e "\nUsage: next-vlan <STARTING-ID>\n\nWhere <STARTING-ID> is the VLAN id to start looking for unused VLAN ids\n"   Description: The script analyses the output of the “show vlan” command for consequently rising VLAN ids, starting with the given one. It...
Continue reading →

Tap Aggregation – Filtering with Port ACLs

  1) Introduction   This article details the filtering of traffic across the Tap Aggregator by using port ACL. The filters allow granular selection of Layer2, Layer3, and Layer4 traffic on a per-port basis. The following other features might also be of interest, but are out of scope of this article: VLAN membership filters Traffic Steering   2) Filtering Overview   The well known MAC and IP Access-List filtering is used to filter traffic in Tap Aggregation mode, just like it does in switching mode. The Layer2/3/4 ACLs can be applied on Tap ports, ingress on Tool ports, egress  ...
Continue reading →

Tap Aggregation – VLAN List Filtering

  1) Introduction   A list of allowed VLANs simply specifies, under an interface in Tap Aggregation mode, which VLAN traffic is allowed. Removing VLANs from the allowed list means those VLANs would be blocked. It allows filtering traffic in a flexible manner, directly from the interface command, without creating ACLs or steering policies. This article details how to configure the VLAN list, and combine them to achieve multi-stage VLAN filtering.   2) Allowed VLAN List Definition   An allowed VLAN list is simply a definition of VLAN IDs. By default, all VLANs are allowed. The below commands illustrate the...
Continue reading →

In the output of sh vlan brief command output what are ‘PEt’ interfaces

When I execute the command “sh vlan brief” in the output I see a few interfaces with “PEt” (see below). What exactly are these interfaces where are they coming from?   Core_Router# sh vlan brief VLAN  Name                             Status    Ports ----- -------------------------------- --------- ------------------------------- 1     default                          active 563   User_Segment1           active    Cpu, Et9, Et10, Et11, Et12 Et13, Et14, Et15, Et16, Et17 PEt9, PEt10, PEt11, PEt12 PEt13, PEt14, PEt15, PEt16 PEt17, Po100

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: