VLANs
VLANs
 
This appendix provides information on configuring an enhanced, or extended, service. The product administration guides provide examples and procedures for configuration of basic services on the system. You should select the configuration example that best meets your service model before using the procedures in this appendix.
This appendix includes the following sections:
Overview
Creating VLAN Tags
Configuring Subscriber VLAN Associations
Overview
Virtual LANs (VLANs) provide greater flexibility in the configuration and use of contexts and services.
They are configured as “tags” on a per-port basis and allow more complex configurations to be implemented. The VLAN tag allows a single physical port to be bound to multiple logical interfaces that can be configured in different contexts. Therefore, each Ethernet port can be viewed as containing many logical ports when VLAN tags are employed.
Important: VLANs are supported in conjunction with subscriber traffic ports on Ethernet line cards. The system supports the configuration limits for VLANs as described in the Engineering Rules appendix of this guide.
Creating VLAN Tags
Use the following example to create VLANs on a port and bind them to pre-existing interfaces. For information on creating interfaces, refer to the System Element Configuration Procedures chapter of this guide.
config
  port ethernet <slot/port>
     no shutdown
     vlan <vlan_tag_ID>
     no shutdown
     bind interface <interface_name> <context_name>
     end
Notes:
Optional: Configure VLAN-subscriber associations. Refer to the Configuring Subscriber VLAN Associations section for more information.
Repeat this procedure as needed to configure additional VLANs for the port.
Verify the Port Configuration – ASR 5000
Run the following command to verify the port configuration:
show port info slot/port
An example of this command’s output is shown below:
Port: 17/1
Port Type : 10/100 Ethernet
Description : (None Set)
Controlled By Card : 1 (Packet Accelerator Card)
Redundancy Mode : Card Mode
Redundant With : 33/1
Physical ifIndex : 285278208
Administrative State : Enabled
Configured Duplex : Auto
Configured Speed : Auto
MAC Address : 00-05-47-01-11-00
Link State : Up
Link Duplex : Unknown
Link Speed : Unknown
Untagged:
Logical ifIndex : 285278209
Operational State : Down, Active
Tagged VLAN: VID 10
Logical ifIndex : 285278210
VLAN Type : Subscriber
Administrative State : Enabled
Operational State : Up, Active
Number of VLANs : 1
Notes:
Optional: Repeat this configuration as needed to configure additional ports.
Optional: Configure VLAN-subscriber associations if needed.
Save your configuration as described in the Verifying and Saving Your Configuration chapter of this guide.
Configuring Subscriber VLAN Associations
Subscriber traffic can be routed to specific VLANs based on the configuration of their user profile. This functionality provides a mechanism for routing all traffic from a subscriber over the specified VLAN. All packets destined for the subscriber must also be sent using only IP addresses valid on the VLAN or they will be dropped.
RADIUS Attributes Used
The following RADIUS attributes can be configured within subscriber profiles on the RADIUS server to allow the association of a specific VLAN to the subscriber:
SN-Assigned-VLAN-ID: In the Starent VSA dictionary
SN1-Assigned-VLAN-ID: In the Starent VSA1 dictionary
Important: Since the instructions for configuring subscriber profiles differ between RADIUS server applications, this section only describes the individual attributes that can be added to the subscriber profile. Please refer to the documentation that shipped with your RADIUS server for instructions on configuring subscribers.
Configuring Local Subscriber Profiles
Use the configuration example below to configure VLAN associations within local subscriber profiles on the system.
Important: These instructions assume that you have already configured subscriber-type VLAN tags according to the instructions provided in the Creating VLAN Tags section of this appendix.
config
  context <context_name>
     subscriber name <user_name>
        ip vlan <vlan_id>
        end
Verify the Subscriber Profile Configuration
Use the following command to view the configuration for a subscriber profile:
show subscriber configuration username user_name
Notes:
Repeat this command for each additional subscriber.
Save your configuration as described in the Verifying and Saving Your Configuration chapter of this guide.
 
 
Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883