Intel Modular Server VLAN Configuration
This article will describe the possible Virtual Local Area Network (VLAN) configurations for the Intel Modular Server integrated network switch. You will find basic information about VLANs in the VLAN Basics article.
The following types of VLANs will be listed:
- Default (Standard VLAN)
- Static (manually configured VLANs with their own manually configured names)
- Dynamic (VLANs that have been dynamically defined using GARP (Generic Attribute Registration Protocol))
- Interface Status, potential values include:
- Excluded: the interface will not be assigned to the selected VLAN. However, it can be assigned to the VLAN by means of GARP.
- Forbidden: the interface will not be assigned to the selected VLAN. Assignment by GARP is also not possible.
- Tagged: the interface will be a 'tagged member' of the VLAN. All packets forwarded by the interface will be tagged. The packets will contain VLAN information.
- Untagged: the interface will be an 'untagged member' of the VLAN. Forwarded packets will not be tagged.
VLAN Interface Settings
- Interface Mode indicates the interface mode. Potential values include:
- General: The port belongs to the VLANs. Thereby, each VLAN will be defined as tagged or untagged (full IEEE802.1q mode). This mode is the default settings.
- Trunk: the port belongs to the VLANs, which are all tagged with the exception of one VLAN.
- Access: the port belongs to a single, untagged VLAN. The types of packets that will be permitted cannot be pre-defined here. For that reason, ingress filtering cannot be enabled or disabled.
- PVID define the VLAN ID, which will be assigned to untagged packets
- allowed values range from 1 to 4094 (with the exception of VLAN 4080)
- VLAN 4095 will be defined as the discard VLAN in accordance with the standard and normal business practices. Packets assigned to this VLAN will be discarded.
- Frame Type defines the types of packets that will be accepted by the interface. Potential values include:
- Admit All: both tagged as well as untagged packets will be accepted.
- Admit Tag Only: only tagged packets will be accepted.
- Ingress Filtering defines whether an incoming packet will be filtered. Potential values include:
- Enable: activates ingress filtering for this interface. Incoming packets assigned to the VLAN that do not belong to the interface will be discarded.
- Disable: deactivates ingress filtering for this interface.
Generic Attribute Registration Protocol (GARP)
GARP is a general-purpose protocol for registering network connections and membership information. GARP defines a pool of devices using specific network properties, like VLAN or Multicast addresses.
When using GARP, the following timer settings must be identical on all participating devices.
- Join Timer: time in milliseconds, in which the Protocol Data Unit (PDU) will be transmitted (default value 200 ms).
- Leave Timer: time in milliseconds, which the device will wait before leaving GARP mode. The Leave Time timeout will be triggered upon receiving or sending a Leave All Time message and canceled by a Join message. The Leave Time timeout must amount to at least triple the Join Time (default value 600 ms).
- Leave All Timer: time in milliseconds, which all devices will wait before leaving GARP mode. The Leave All Time timeout must be greater than the Leave Time timeout (default value 10,000 ms).
GARP VLAN Registration Protocol
This parameter will be configured for each switch:
- GVRP Global Status: indicates if GVRP has been enabled for the switch.
- GVRP State: indicates if GVRP has been enabled for the interface (enable/disable).
- Dynamic VLAN Creation: indicates if dynamic VLAN creation has been enabled for the interface (enable/disable).
- GVRP Registration: indicates if dynamic VLAN registration via GARP has been enabled for the interface (enable/disable).
Additional Information regarding VLANs
- How to create and use VLANs on the Intel® Modular Server (Intel Support)
- Intel Modular Server Systems: Common configurations and definitions for the Ethernet Switch Module (intel.com)
Author: Werner Fischer
Werner Fischer, working in the Web Operations & Knowledge Transfer team at Thomas-Krenn, completed his studies of Computer and Media Security at FH Hagenberg in Austria. He is a regular speaker at many conferences like LinuxTag, OSMC, OSDC, LinuxCon, and author for various IT magazines. In his spare time he enjoys playing the piano and training for a good result at the annual Linz marathon relay.