Creating a VLAN
create [ {vlan} vlan_name ] {tag tag } {description vlan description} {vr name }
Example…
* X450e-48p.3 # configure vlan test add port 1 tagged
* X450e-48p.4 # configure vlan test add port 2
* X450e-48p.5 # sh vlan
———————————————————————————————
Name VID Protocol Addr Flags Proto Ports Virtual
Active router
/Total
———————————————————————————————
Default 1 ———————————————— ANY 0 /0 VR-Default
Mgmt 4095 ———————————————— ANY 1 /1 VR-Mgmt
test 100 ———————————————— ANY 0 /2 VR-Default
———————————————————————————————
Flags : (B) BFD Enabled, (c) 802.1ad customer VLAN, (C) EAPS Control VLAN,
(d) Dynamically created VLAN, (D) VLAN Admin Disabled,Total number of VLAN(s) : 3
sh te* X450e-48p.6 # sh test
VLAN Interface with name test created by user
Admin State: Enabled Tagging: 802.1Q Tag 100
Description: None
Virtual router: VR-Default
IPv4 Forwarding: Disabled
IPv4 MC Forwarding: Disabled
IPv6 Forwarding: Disabled
IPv6 MC Forwarding: Disabled
IPv6: None
STPD: None
Protocol: Match all unfiltered protocols
Loopback: Disabled
NetLogin: Disabled
OpenFlow: Disabled
QosProfile: None configured
Egress Rate Limit Designated Port: None configured
Flood Rate Limit QosProfile: None configured
Ports: 2. (Number of active ports=0)
Untag: 2
Tag: 1
Flags: (*) Active, (!) Disabled, (g) Load Sharing port
(b) Port blocked on the vlan, (m) Mac-Based port
(a) Egress traffic allowed for NetLogin
(u) Egress traffic unallowed for NetLogin
(t) Translate VLAN tag for Private-VLAN
(s) Private-VLAN System Port, (L) Loopback port
(e) Private-VLAN End Point Port
(x) VMAN Tag Translated port
(G) Multi-switch LAG Group port
(H) Dynamically added by MVRP
(U) Dynamically added uplink port
(V) Dynamically added by VM Tracking
Removing port from a VLAN
- configure vlan <vlan_name> delete ports <port_list>
- configure vlan <vlan_id> delete ports <port_list>
How to delete a VLAN
configure vlan <vlan_name> delete ports all
delete vlan <vlan_name>
Show VLAN information
- show port vlan
- show vlan
- show vlan <vlan_name>
- show fdb
Add IP address to a VLAN
configure vlan <vlan_name> ipaddress <ip_address>/<subnet_mask
Remove IP address from a VLAN
unconfigure vlan <vlan_name> ipaddress
Creating Dynamic VLANs
To specify one or more ports as tagged uplink ports that are added to the dynamically created VLAN, use the following command:
configure netlogin dynamic-vlan uplink-ports [port_list | none]
To enable the switch to create dynamic VLANs, use the following command:
configure netlogin dynamic-vlan [disable | enable]
Extreme Networks VSAs
https://documentation.extremenetworks.com/exos_22.1/exos_21_1/Security/r_extreme-networks-vsas.shtml
RADIUS Attributes
Tested authentication using Extreme Networks Access Control with RFC3580 which sends the VLAN ID to the Summit switch.
Inter-VLAN routing
VLANs and tagged or untagged ports
Adding DHCP Server to VLAN
Troubleshooting DHCP
How to apply IP to management interface
Switch hardening
explorerob's Blog 