Supported Platforms
Example: Configuring Automatic VLAN Administration Using MVRP on EX Series Switches
 | Note: This example uses Junos OS for EX Series switches with support for the Enhanced Layer 2 Software (ELS) configuration style. If your switch runs software that does not support ELS, see Example: Configuring Automatic VLAN Administration Using MVRP on EX Series Switches. For ELS details, see Getting Started with Enhanced Layer 2 Software. |
As a network expands and the number of clients and VLANs increases, VLAN administration becomes complex and the task of efficiently configuring VLANs on multiple EX Series switches becomes increasingly difficult. However, you can automate VLAN administration by enabling Multiple VLAN Registration Protocol (MVRP) on the network.
MVRP also dynamically creates VLANs, further simplifying the network overhead required to statically configure VLANs.
| Note: Only trunk interfaces can be enabled for MVRP. |
This example describes how to use MVRP to automate administration of VLAN membership changes within your network and how to use MVRP to dynamically create VLANs:
Requirements
This example uses the following hardware and software components:
- Two EX Series access switches
- One EX Series distribution switch
- Junos OS Release 13.2X50-D10 or later for EX Series switches
Before you configure MVRP on an interface, you must enable one of the following spanning tree protocols on that interface:
- Rapid Spanning-Tree Protocol (RSTP). For more information about RSTP, see Understanding RSTP for EX Series Switches.
- Multiple Spanning-Tree Protocol (MSTP). For more information about MSTP, see Understanding MSTP for EX Series Switches.
Overview and Topology
MVRP is used to manage dynamic VLAN registration in a LAN. It can also be used to dynamically create VLANs.
This example uses MVRP to dynamically create VLANs on the switching network. Alternatively, you can disable dynamic VLAN creation and create VLANs statically. Enabling MVRP on the trunk interface of each switch in your switching network ensures that the active VLAN information for the switches in the network is propagated to each switch through the trunk interfaces, assuming dynamic VLAN creation is enabled for MVRP.
MVRP ensures that the VLAN membership information on the trunk interface is updated as the switch’s access interfaces become active or inactive in the configured VLANs in a static or dynamic VLAN creation setup.
You do not need to explicitly bind a VLAN to the trunk interface. When MVRP is enabled, the trunk interface advertises all the VLANs that are active (bound to access interfaces) on that switch. An MVRP-enabled trunk interface does not advertise VLANs that are configured on the switch but are not currently bound to an access interface. Thus, MVRP provides the benefit of reducing network overhead—by limiting the scope of broadcast, unknown unicast, and multicast (BUM) traffic to interested devices only.
When VLAN access interfaces become active or inactive, MVRP ensures that the updated information is advertised on the trunk interface. Thus, in this example, distribution Switch C does not forward traffic to inactive VLANs.
| Note: This example shows a network with three VLANs: finance, sales, and lab. All three VLANs are running the same version of Junos OS. If switches in this network were running a mix of Junos OS releases that included Release 11.3, additional configuration would be necessary—see Configuring Multiple VLAN Registration Protocol (MVRP) (CLI Procedure) for details. |
Figure 1 shows MVRP configured on two access switches and one distribution switch.
Figure 1: MVRP Configured on Two Access Switches and One Distribution Switch for Automatic VLAN Administration
Table 1 explains the components of the example topology.
Table 1: Components of the Network Topology
| Settings | Settings |
|---|---|
Switch hardware |
|
VLAN names and tag IDs | finance, tag 100 |
Interfaces | Access Switch A interfaces:
Access Switch B interfaces:
Distribution Switch C interfaces:
|
Configuring VLANs and MVRP on Access Switch A
To configure VLANs on the switch, bind access interfaces to the VLANs, and enable MVRP on the trunk interface of access Switch A, perform these tasks:
CLI Quick Configuration
To quickly configure access Switch A for MVRP, copy the following commands and paste them into the switch terminal window of Switch A:
[edit]
set vlans finance vlan-id
100 set vlans lab vlan-id 200 set vlans sales vlan-id 300 set interfaces ge-0/0/1 unit 0 family ethernet-switching
vlan members financeset interfaces ge-0/0/2 unit 0 family ethernet-switching
vlan members labset interfaces ge-0/0/3 unit 0 family ethernet-switching
vlan members salesset interfaces xe-0/1/1 unit 0 family ethernet-switching
interface-mode trunk set protocols mvrp
interface xe-0/1/1 | Note: This example uses default MVRP timers. The default values associated with each MVRP timer are: 200 ms for the join timer, 1000 ms for the leave timer, and 10000 ms (10 seconds) for the leaveall timer. We recommend retaining the use of default timer values as modifying timers to inappropriate values might cause an imbalance in the operation of MVRP. However, if you choose to change the default settings, keep in mind that on an EX Series switch that uses Junos OS with support for ELS, if the timer value set on an interface level is different from the value set on a switch level, then the value on the interface level takes precedence. |
Step-by-Step Procedure
To configure access Switch A for MVRP:
- Configure the finance VLAN:
[edit]
user@Access-Switch-A# set vlans finance vlan-id 100 - Configure the lab VLAN:
[edit]
user@Access-Switch-A# set vlans lab vlan–id 200 - Configure the sales VLAN:
[edit]
user@Access-Switch-A# set vlans sales vlan–id 300 - Configure an Ethernet interface as a member of the finance
VLAN:
[edit]
user@Access-Switch-A# set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members finance - Configure an Ethernet interface as a member of the lab
VLAN:
[edit]
user@Access-Switch-A# set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members lab - Configure an Ethernet interface as a member of the sales
VLAN:
[edit]
user@Access-Switch-A# set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members sales - Configure a trunk interface:
[edit]
user@Access-Switch-A# set interfaces xe-0/1/1 unit 0 family ethernet-switching interface-mode trunk - Enable MVRP on the trunk interface:
[edit]
user@Access-Switch-A# set protocols mvrp interface xe-0/1/1
Results
Check the results of the configuration on Switch A:
user@Access-Switch-A# show
Configuring VLANs and MVRP on Access Switch B
To configure three VLANs on the switch, bind access interfaces for PC4 and PC5 to the VLANs, and enable MVRP on the trunk interface of access Switch B, perform these tasks:
CLI Quick Configuration
To quickly configure Access Switch B for MVRP, copy the following commands and paste them into the switch terminal window of Switch B:
[edit]
set vlans finance vlan-id
100 set vlans lab vlan-id 200 set vlans sales vlan-id 300 set interfaces ge-0/0/0 unit 0 family ethernet-switching
vlan members financeset interfaces ge-0/0/1 unit 0 family ethernet-switching
vlan members labset interfaces xe-0/1/0 unit 0 family ethernet-switching
interface-mode trunk set protocols mvrp
interface xe-0/1/0 Step-by-Step Procedure
To configure access Switch B for MVRP:
- Configure the finance VLAN:
[edit]
user@Access-Switch-B# set vlans finance vlan-id 100 - Configure the lab VLAN:
[edit]
user@Access-Switch-B# set vlans lab vlan–id 200 - Configure the sales VLAN:
[edit]
user@Access-Switch-B# set vlans sales vlan–id 300 - Configure an Ethernet interface as a member of the finance
VLAN:
[edit]
user@Access-Switch-B# set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members finance - Configure an Ethernet interface as a member of the lab
VLAN:
[edit]
user@Access-Switch-B# set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members lab - Configure a trunk interface:
user@Access-Switch-B# set interfaces xe-0/1/0 unit 0 family ethernet-switching interface-mode trunk - Enable MVRP on the trunk interface:
[edit]
user@Access-Switch-B# set protocols mvrp xe-0/1/0
Note: This example uses default MVRP timers. The default values associated with each MVRP timer are: 200 ms for the join timer, 1000 ms for the leave timer, and 10000 ms (10 seconds) for the leaveall timer. We recommend retaining the use of default timer values as modifying timers to inappropriate values might cause an imbalance in the operation of MVRP. However, if you choose to change the default values, keep in mind that on an EX Series switch that uses Junos OS with support for ELS, if the timer value set on an interface level is different from the value set on a switch level, then the value on the interface level takes precedence.
Results
Check the results of the configuration for Switch B:
user@Access-Switch-B# show
Configuring VLANS and MVRP on Distribution Switch C
CLI Quick Configuration
To quickly configure distribution Switch C for MVRP, copy the following commands and paste them into the switch terminal window of distribution Switch C:
[edit]set interfaces xe-0/1/1 unit 0 family ethernet-switching
interface-mode trunk
set
interfaces xe-0/1/0 unit 0 family ethernet-switching interface-mode
trunk set protocols mvrp interface xe-0/1/1 set protocols mvrp interface xe-0/1/0 Step-by-Step Procedure
To configure distribution Switch C for MVRP:
Configure the trunk interface to access Switch A:[edit]
user@Distribution-Switch-C# set interfaces xe-0/1/1 unit 0 family ethernet-switching interface-mode trunkConfigure the trunk interface to access Switch B:[edit]
user@Distribution-Switch-C# set interfaces xe-0/1/0 unit 0 family ethernet-switching interface-mode trunkEnable MVRP on the trunk interface for xe-0/1/1 :[edit]
user@Distribution-Switch-C# set protocols mvrp interface xe-0/1/1
Enable MVRP on the trunk interface for xe-0/1/0 :[edit]
user@Distribution-Switch-C# set protocols mvrp interface xe-0/1/0
Results
Check the results of the configuration for Switch C:
[edit]
user@Distribution Switch-C# show interfaces {xe-0/1/0 {unit 0 {family ethernet-switching {interface-mode trunk;}}}xe-0/1/1 {unit 0 {family ethernet-switching {interface-mode trunk;}}}}protocols {mvrp {interface xe-0/1/0;interface xe-0/1/1;}Verification
To confirm that the configuration is updating
VLAN membership, perform these tasks:
Verifying That MVRP Is Enabled on Access Switch AVerifying That MVRP Is Updating VLAN Membership on Access Switch AVerifying That MVRP Is Enabled on Access Switch BVerifying That MVRP Is Updating VLAN Membership on Access Switch BVerifying That MVRP Is Enabled on Distribution Switch CVerifying That MVRP Is Updating VLAN Membership on Distribution Switch C
Verifying That MVRP Is Enabled on Access Switch A
Purpose
Verify that MVRP is enabled on the switch.
Action
Show the MVRP configuration:
user@Access-Switch-A> show mvrpMVRP configuration for routing instance 'default-switch'
MVRP dynamic VLAN creation : Enabled
MVRP BPDU MAC address : Customer bridge group (01-80-C2-00-00-21)
MVRP timers (ms)
Interface Join Leave LeaveAll
xe-0/1/1 200 1000 10000
Meaning
The results show that MVRP is enabled on the trunk
interface of Switch A and that the default timers are used.
Verifying That MVRP Is Updating VLAN Membership on Access Switch
A
Purpose
Verify that MVRP is updating VLAN membership by displaying
the Ethernet switching interfaces and associated VLANs that are active
on Switch A.
Action
List Ethernet switching interfaces on the switch:
user@Access-Switch-A> show ethernet-switching interfaceRouting Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
ge-0/0/1.0 65535 tagged
finance 100
65535 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
ge-0/0/2.0 65535 tagged
lab 200
65535 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
ge-0/0/3.0 65535 tagged
sales 300
65535 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
xe-0/1/1.0 65535 tagged
finance 100
65535 Forwarding
lab 200
65535 Forwarding
Meaning
MVRP has automatically added finance and lab as VLAN members on the trunk interface because they are
being advertised by access Switch B.
Verifying That MVRP Is Enabled on Access Switch B
Purpose
Verify that MVRP is enabled on the switch.
Action
Show the MVRP configuration:
user@Access-Switch-B> show mvrp MVRP configuration for routing instance 'default-switch'
MVRP dynamic VLAN creation : Enabled
MVRP BPDU MAC address : Customer bridge group (01-80-C2-00-00-21)
MVRP timers (ms)
Interface Join Leave LeaveAll
xe-0/1/0 200 1000 10000
Meaning
The results show that MVRP is enabled on the trunk
interface of Switch B and that the default timers are used.
Verifying That MVRP Is Updating VLAN Membership on Access Switch
B
Purpose
Verify that MVRP is updating VLAN membership by displaying
the Ethernet switching interfaces and associated VLANs that are active
on Switch B.
Action
List Ethernet switching interfaces on the switch:
user@Access-Switch-B> show ethernet-switching interface Routing Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
ge-0/0/0.0 65535 tagged
finance 100
65535 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
ge-0/0/1.0 65535 tagged
lab 200
65535 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
xe-0/1/0.0 65535 tagged
finance 100
65535 Forwarding
lab 200
65535 Forwarding
sales 300
65535 Forwarding
Meaning
MVRP has automatically added finance, lab, and sales as VLAN members on the trunk interface
because they are being advertised by access Switch A.
Verifying That MVRP Is Enabled on Distribution Switch C
Purpose
Verify that MVRP is enabled on the switch.
Action
Show the MVRP configuration:
user@Distribution-Switch-C> show mvrp MVRP configuration for routing instance 'default-switch'
MVRP dynamic VLAN creation : Enabled
MVRP BPDU MAC address : Customer bridge group (01-80-C2-00-00-21)
MVRP timers (ms)
Interface Join Leave LeaveAll
xe-0/1/1 200 1000 10000
xe-0/1/0 200 1000 10000Meaning
The results show that MVRP is enabled on the trunk
interfaces of Switch C and that the default timers are used.
Verifying That MVRP Is Updating VLAN Membership on Distribution
Switch C
Purpose
Verify that MVRP is updating VLAN membership on distribution
Switch C by displaying the Ethernet switching interfaces and associated
VLANs on distribution Switch C.
Action
List the Ethernet switching interfaces on the switch:
user@Distribution-Switch-C> show ethernet-switching interface Routing Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
xe-0/1/1.0 65535 tagged
mvrp_100
65535 Forwarding
mvrp_200
65535 Forwarding
mvrp_300
65535 Forwarding
Routing Instance Name : default-switch
Logical Interface flags (DL - disable learning, AD - packet action drop,
LH - MAC limit hit, DN - interface down )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
xe-0/1/0.0 65535 tagged
mvrp_100
65535 Forwarding
mvrp_200
65535 Forwarding
List the VLANs that were created dynamically using MVRP on the
switch:
user@Distribution-Switch-C> show mvrp dynamic-vlan-memberships
MVRP dynamic vlans for routing instance 'default-switch'
(s) static vlan, (f) fixed registration
VLAN ID Interfaces
100 xe-0/1/1.0
xe-0/1/0.0
200 xe-0/1/1.0
xe-0/1/0.0
300 xe-0/1/1.0
Note that this scenario does not have any fixed registration,
which is typical when MVRP is enabled.
Meaning
Distribution Switch C has two trunk interfaces. Interface xe-0/1/1.0 connects Distribution Switch C to Access
Switch A and is, therefore, updated to show that it is a member
of all the VLANs that are active on Switch A. Any traffic for
those VLANs will be passed on from Switch C to Switch A, through interface xe-0/1/1.0. Interface xe-0/1/0.0 connects Switch C to Switch B and is updated to show that it is
a member of the two VLANs that are active on Switch B. Thus, Switch
C sends traffic for finance and lab to both Switch
A and Switch B. But Switch C sends traffic for sales only
to Switch A.
Switch C also has three dynamic VLANs created using MVRP: mvrp_100, mvrp_200, and mvrp_300. The dynamically created
VLANs mvrp_100 and mvrp_200 are active on interfaces xe-0/1/1.0 and xe-0/1/0.0, and dynamically created
VLAN mvrp_300 is active on interface xe-0/1/1.0.
Published: 2014-04-23
Supported Platforms
Related Documentation
Published: 2014-04-23
