Feedback
Contents
- Configuring Named VLANs
- Named VLANs
- Creating a Named VLAN Accessible to Both Fabric Interconnects (Uplink Ethernet Mode)
- Creating a Named VLAN Accessible to Both Fabric Interconnects (Ethernet Storage Mode)
- Creating a Named VLAN Accessible to One Fabric Interconnect (Uplink Ethernet Mode)
- Creating a Named VLAN Accessible to One Fabric Interconnect (Ethernet Storage Mode)
- Deleting a Named VLAN
- Private VLANs
- Creating a Primary VLAN for a Private VLAN (Accessible to Both Fabric Interconnects)
- Creating a Primary VLAN for a Private VLAN (Accessible to One Fabric Interconnect)
- Creating a Secondary VLAN for a Private VLAN (Accessible to Both Fabric Interconnects)
- Creating a Secondary VLAN for a Private VLAN (Accessible to One Fabric Interconnect)
Configuring Named VLANs
This chapter includes the following sections:
- Named VLANs
- Creating a Named VLAN Accessible to Both Fabric Interconnects (Uplink Ethernet Mode)
- Creating a Named VLAN Accessible to Both Fabric Interconnects (Ethernet Storage Mode)
- Creating a Named VLAN Accessible to One Fabric Interconnect (Uplink Ethernet Mode)
- Creating a Named VLAN Accessible to One Fabric Interconnect (Ethernet Storage Mode)
- Deleting a Named VLAN
- Private VLANs
- Creating a Primary VLAN for a Private VLAN (Accessible to Both Fabric Interconnects)
- Creating a Primary VLAN for a Private VLAN (Accessible to One Fabric Interconnect)
- Creating a Secondary VLAN for a Private VLAN (Accessible to Both Fabric Interconnects)
- Creating a Secondary VLAN for a Private VLAN (Accessible to One Fabric Interconnect)
Named VLANs
A named VLAN creates a connection to a specific external LAN. The VLAN isolates traffic to that external LAN, including broadcast traffic.
The name that you assign to a VLAN ID adds a layer of abstraction that allows you to globally update all servers associated with service profiles that use the named VLAN. You do not need to reconfigure the servers individually to maintain communication with the external LAN.
You can create more than one named VLAN with the same VLAN ID. For example, if servers that host business services for HR and Finance need to access the same external LAN, you can create VLANs named HR and Finance with the same VLAN ID. Then, if the network is reconfigured and Finance is assigned to a different LAN, you only have to change the VLAN ID for the named VLAN for Finance.
In a cluster configuration, you can configure a named VLAN to be accessible only to one fabric interconnect or to both fabric interconnects.
Creating a Named VLAN Accessible to Both Fabric Interconnects (Uplink Ethernet Mode)
ProcedureImportant:You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
The VLAN name is case sensitive.
The following example creates a named VLAN for both fabric interconnects, names the VLAN accounting, assigns the VLAN ID 2112, sets the sharing to none, and commits the transaction:
UCS-A# scope eth-uplink UCS-A /eth-uplink # create vlan accounting 2112 UCS-A /eth-uplink/vlan* # set sharing none UCS-A /eth-uplink/vlan* # commit-buffer UCS-A /eth-uplink/vlan #Creating a Named VLAN Accessible to Both Fabric Interconnects (Ethernet Storage Mode)
ProcedureImportant:You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
The VLAN name is case sensitive.
The following example creates a named VLAN for both fabric interconnects, names the VLAN accounting, assigns the VLAN ID 2112, creates a member port on slot 2, port 20, and commits the transaction:
UCS-A# scope eth-storage UCS-A /eth-storage # create vlan accounting 2112 UCS-A /eth-storage/vlan* # create member-port a 2 20 UCS-A /eth-storage/vlan/member-port* # commit-buffer UCS-A /eth-storage/vlan/member-port #Creating a Named VLAN Accessible to One Fabric Interconnect (Uplink Ethernet Mode)
ProcedureImportant:You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
The VLAN name is case sensitive.
The following example creates a named VLAN for fabric interconnect A, names the VLAN finance, assigns the VLAN ID 3955, sets the sharing to none, and commits the transaction:
UCS-A# scope eth-uplink UCS-A /eth-uplink # scope fabric a UCS-A /eth-uplink/fabric # create vlan finance 3955 UCS-A /eth-uplink/fabric/vlan* # set sharing none UCS-A /eth-uplink/fabric/vlan* # commit-buffer UCS-A /eth-uplink/fabric/vlan #Creating a Named VLAN Accessible to One Fabric Interconnect (Ethernet Storage Mode)
ProcedureImportant:You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
The VLAN name is case sensitive.
The following example creates a named VLAN for fabric interconnect A, names the VLAN finance, assigns the VLAN ID 3955, creates a member port on slot 2, port 20, and commits the transaction:
UCS-A# scope eth-storage UCS-A /eth-storage # scope fabric a UCS-A /eth-storage/fabric # create vlan finance 3955 UCS-A /eth-storage/fabric/vlan* # create member-port a 2 20 UCS-A /eth-storage/fabric/vlan/member-port* # commit-buffer UCS-A /eth-storage/fabric/vlan/member-port #Deleting a Named VLAN
ProcedureIf Cisco UCS Manager includes a named VLAN with the same VLAN ID as the one you delete, the VLAN is not removed from the fabric interconnect configuration until all named VLANs with that ID are deleted.
If you are deleting a private primary VLAN, make sure to reassign the secondary VLANs to another working primary VLAN.
The following example deletes a named VLAN accessible to both fabric interconnects and commits the transaction:
UCS-A# scope eth-uplink UCS-A /eth-uplink # delete vlan accounting UCS-A /eth-uplink* # commit-buffer UCS-A /eth-uplink #The following example deletes a named VLAN accessible to one fabric interconnect and commits the transaction:
UCS-A# scope eth-uplink UCS-A /eth-uplink # scope fabric a UCS-A /eth-uplink/fabric # delete vlan finance UCS-A /eth-uplink/fabric* # commit-buffer UCS-A /eth-uplink/fabric #Private VLANs
A private VLAN (PVLAN) partitions the Ethernet broadcast domain of a VLAN into subdomains and allows you to isolate some ports. Each subdomain in a PVLAN includes a primary VLAN and one or more secondary VLANs. All secondary VLANs in a PVLAN must share the same primary VLAN. The secondary VLAN ID differentiates one subdomain from another.
Isolated VLANs
All secondary VLANs in a Cisco UCS instance must be isolated VLANs. Cisco UCS does not support community VLANs.
Ports on Isolated VLANs
Communications on an isolated VLAN can only use the associated port in the primary VLAN. These ports are isolated ports and are not configurable in Cisco UCS Manager. If the primary VLAN includes multiple secondary VLANs, those isolated VLANs cannot communicate directly with each other.
An isolated port is a host port that belongs to an isolated secondary VLAN. This port has complete isolation from other ports within the same private VLAN domain. PVLANs block all traffic to isolated ports except traffic from promiscuous ports. Traffic received from an isolated port is forwarded only to promiscuous ports. You can have more than one isolated port in a specified isolated VLAN. Each port is completely isolated from all other ports in the isolated VLAN.
Creating a Primary VLAN for a Private VLAN (Accessible to Both Fabric Interconnects)
ProcedureImportant:You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
The VLAN name is case sensitive.
The following example creates a named VLAN for both fabric interconnects, names the VLAN accounting, assigns the VLAN ID 2112, makes this VLAN the primary VLAN, and commits the transaction:
UCS-A# scope eth-uplink UCS-A /eth-uplink # create vlan accounting 2112 UCS-A /eth-uplink/vlan* # set sharing primary UCS-A /eth-uplink/vlan* # commit-buffer UCS-A /eth-uplink/vlan #Creating a Primary VLAN for a Private VLAN (Accessible to One Fabric Interconnect)
ProcedureImportant:You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
The VLAN name is case sensitive.
The following example creates a named VLAN for fabric interconnect A, names the VLAN finance, assigns the VLAN ID 3955, makes this VLAN the primary VLAN, and commits the transaction:
UCS-A# scope eth-uplink UCS-A /eth-uplink # scope fabric a UCS-A /eth-uplink/fabric # create vlan finance 3955 UCS-A /eth-uplink/fabric/vlan* # set sharing primary UCS-A /eth-uplink/fabric/vlan* # commit-buffer UCS-A /eth-uplink/fabric/vlan #Creating a Secondary VLAN for a Private VLAN (Accessible to Both Fabric Interconnects)
ProcedureImportant:You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
The VLAN name is case sensitive.
The following example creates a named VLAN for both fabric interconnects, names the VLAN accounting, assigns the VLAN ID 2112, makes this VLAN the secondary VLAN, associates the secondary VLAN with the primary VLAN, and commits the transaction:
UCS-A# scope eth-uplink UCS-A /eth-uplink # create vlan accounting 2112 UCS-A /eth-uplink/vlan* # set sharing isolated UCS-A /eth-uplink/vlan* # set pubnwname pvlan1000 UCS-A /eth-uplink/vlan* # commit-buffer UCS-A /eth-uplink/vlan #Creating a Secondary VLAN for a Private VLAN (Accessible to One Fabric Interconnect)
ProcedureImportant:You cannot create VLANs with IDs from 3968 to 4047. This range of VLAN IDs is reserved.
The VLAN name is case sensitive.
The following example creates a named VLAN for fabric interconnect A, names the VLAN finance, assigns the VLAN ID 3955, makes this VLAN the secondary VLAN, associates the secondary VLAN with the primary VLAN, and commits the transaction:
UCS-A# scope eth-uplink UCS-A /eth-uplink # scope fabric a UCS-A /eth-uplink/fabric # create vlan finance 3955 UCS-A /eth-uplink/fabric/vlan* # set sharing isolated UCS-A /eth-uplink/fabric/vlan* # set pubnwname pvlan1000 UCS-A /eth-uplink/fabric/vlan* # commit-buffer UCS-A /eth-uplink/fabric/vlan #