Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Multiple VLAN Registration Protocol

 

Understanding Multiple VLAN Registration Protocol (MVRP)

Multiple VLAN Registration Protocol (MVRP) is a Layer 2 messaging protocol that automates the creation and management of virtual LANs, thereby reducing the time you have to spend on these tasks. Use MVRP on Juniper Networks switches to dynamically register and unregister active VLANs on trunk interfaces. Using MVRP means that you do not have to manually register VLANs on all connections—that is, you do not need to explicitly bind a VLAN to each trunk interface. With MVRP, you configure a VLAN on one switch interface and the VLAN configuration is distributed through all active switches in the domain.

Note

MVRP is an application protocol of the Multiple Registration Protocol (MRP) and is defined in the IEEE 802.1ak standard. MRP and MVRP replace Generic Attribute Registration Protocol (GARP) and GARP VLAN Registration Protocol (GVRP) and overcome GARP and GVRP limitations.

Note

MVRP on QFabric systems does not support private VLANs.

If your QFabric system connects to servers that host many virtual machines that require their own VLANs, using MVRP can save you the time and effort that would be required to manually create and administer the VLANs on the ports that connect to the servers. For example, if a virtual machine moves between servers—and therefore connects to a different redundant server Node group interface—MVRP can configure the appropriate VLAN membership on the new server Node group interface.

When using MVRP on a QFabric system, you must manually create on the QFabric the VLANs that exist on the attached servers because the QFabric implementation of MVRP does not allow VLANs to be created dynamically. However, you do not need to manually assign VLAN membership to the QFabric ports that connect to the servers. MVRP automatically assigns VLAN membership to server-facing QFabric ports when it learns about a VLAN from an attached server.

MVRP Operations

MVRP stays synchronized by using MVRP protocol data units (PDUs). These PDUs specify which QFabric systems and switches are members of which VLANs, and which switch interfaces are in each VLAN. The MVRP PDUs are sent to other switches in the QFabric system when an MVRP state change occurs, and the receiving switches update their MVRP states accordingly. MVRP timers dictate when PDUs can be sent and when switches receiving MVRP PDUs can update their MVRP information.

In addition to this behavior, QFX switches include a mode—called passive mode—in which an MVRP-configured interface does not announce its membership in a VLAN or send any VLAN declarations (updates) unless it receives registration for that VLAN from a peer (server) on that interface. By default MVRP-configured interfaces behave in the standard manner and automatically send PDU updates to announce any VLAN changes. (This is called active mode.)

To enable passive mode on an interface, enter and commit this statement:

set protocols mvrp interface interface-name passive

To keep VLAN membership information current, MVRP removes switches and interfaces when they become unavailable. Pruning VLAN information has these benefits:

  • Limits the network VLAN configuration to active participants, thereby reducing network overhead.

  • Limits broadcast, unknown unicast, and multicast (BUM) traffic to interested devices.

MVRP is disabled by default and is valid only for trunk interfaces.

How MVRP Updates, Creates, and Deletes VLANs on Switches

When any MVRP-member VLAN is changed, that VLAN sends a protocol data unit (PDU) to all other MVRP-member active VLANs. The PDU informs the other VLANs which switches and interfaces currently belong to the sending VLAN. This way, all MVRP-member VLANs are always updated with the current VLAN state of all other MVRP-member VLANs. Timers dictate when PDUs can be sent and when switches receiving MVRP PDUs can update their MVRP VLAN information.

In addition to sending PDU updates, MVRP dynamically creates VLANs on member interfaces when a new VLAN is added to any one interface. This way, VLANs created on one member switch are propagated to other member switches as part of the MVRP message exchange process.

To keep VLAN membership information current, MVRP removes switches and interfaces when they become unavailable. Pruning VLAN information has these benefits:

  • Limits the network VLAN configuration to active participants, thereby reducing network overhead.

  • Limits broadcast, unknown unicast, and multicast (BUM) traffic to interested devices.

MVRP Is Disabled by Default on Switches

MVRP is disabled by default on the switches and, when enabled, affects only trunk interfaces. Once you enable MVRP, all VLAN interfaces on the switch belong to MVRP (the default normal registration mode) and those interfaces accept PDU messages and send their own PDU messages. To prevent one or more interfaces from participating in MVRP, you can specifically configure an interface to forbidden registration mode instead of the default normal mode.

VLAN updating, dynamic VLAN configuration through MVRP, and VLAN pruning are all active on trunk interfaces when MVRP is enabled.

MRP Timers Control MVRP Updates

MVRP registration and updates are controlled by timers that are part of the MRP. The timers define when MVRP PDUs can be sent and when MVRP information can be updated on a switch.

The timers are set on a per-interface basis, and on EX Series switches that use Juniper Networks Junos operating system (Junos OS) with support for the Enhanced Layer 2 Software (ELS) configuration style, the timers are also set on a per-switch basis.

On an EX Series switch that uses Junos OS with support for ELS, if the timer value set on an interface level is different from the value set on a switch level, the value on the interface level takes precedence.

The following MRP timers are used to control the operation of MVRP:

  • Join timer—Controls the interval for the next MVRP PDU transmit opportunity.

  • Leave timer—Controls the period of time that an interface on the switch waits in the leave state before changing to the unregistered state.

  • LeaveAll timer—Controls the frequency with which the interface generates LeaveAll messages.

Best Practice

Unless there is a compelling reason to change the timer settings, leave the default settings in place. Modifying timers to inappropriate values can cause an imbalance in the operation of MVRP.

MVRP Uses MRP Messages to Transmit Switch and VLAN States

MVRP uses MRP messages to register and declare MVRP states for a switch or VLAN and to inform the switching network that a switch or VLAN is leaving MVRP. These messages are communicated as part of the PDU sent by any switch interface to the other switches in the network.

The following MRP messages are communicated for MVRP:

  • Empty—MVRP information is not declared and no VLAN is registered.

  • In—MVRP information is not declared but a VLAN is registered.

  • JoinEmpty—MVRP information is declared but no VLAN is registered.

  • JoinIn—MVRP information is declared and a VLAN is registered.

  • Leave—MVRP information that was previously declared is withdrawn.

  • LeaveAll—Unregister all VLANs on the switch. VLANs must re-register to participate in MVRP.

  • New—The MVRP information is new and a VLAN might not be registered yet.

Compatibility Issues with Junos OS Releases of MVRP

Except in Junos OS Releases 11.2 and earlier, MVRP has conformed with IEEE standard 802.1ak and IEEE Draft 802.1Q regarding the inclusion of an extra byte in the protocol data units (PDUs) sent and received by MVRP. Table 1 outlines the MVRP versions and whether or not each version includes the extra byte in the PDU. Table 1 also labels each MVRP version with a scenario number, which is used throughout the remainder of this discussion for brevity.

Table 1: Junos OS MVRP Versions and Inclusion of Extra Byte in PDU

MVRP in Junos OS Releases 11.2 and Earlier For EX Series Switches That Do Not Support Enhanced Layer 2 Software (ELS) Configuration Style

Scenario 1

MVRP in Junos OS Releases 11.3 and Later For EX Series Switches That Do Not Support ELS

Scenario 2

MVRP in Junos OS Releases 13.2 and Later For EX Series Switches With Support For ELS

Scenario 3

Includes extra byte in the PDU

By default, does not include extra byte in the PDU

By default, includes extra byte in the PDU

As a result of the non-conformance of Releases 11.2 and earlier and changes in the standards with regard to the extra byte, a compatibility issue exists between some of the Junos OS versions of MVRP. This issue can result in some versions of MVRP not recognizing PDUs without the extra byte.

To address this compatibility issue, the MVRP versions described in scenarios 2 and 3 include the ability to control whether or not the PDU includes the extra byte. Before using these controls, however, you must understand each scenario that applies to your environment and plan carefully so that you do not inadvertently create an additional compatibility issue between the MVRP versions in scenarios 2 and 3.

Table 2 provides a summary of environments that include the various MVRP scenarios and whether or not a particular environment requires you to take action.

Table 2: MVRP Environments and Description of Required Actions

Environment

Action Required?

Action Description

Includes MVRP versions in scenario 1 only

No

Includes MVRP versions in scenario 2 only

No

Includes MVRP versions in scenario 3 only

No

Includes MVRP versions in scenarios 1 and 2. MVRP version in scenario 2 is in its default state.

Yes

On switches running MVRP version in scenario 2, use the add-attribute-length-in-pdu statement. For more information, see Configuring Multiple VLAN Registration Protocol (MVRP) on Switches .

Includes MVRP versions in scenarios 1 and 3. MVRP version in scenario 3 is in its default state.

No

Includes MVRP versions in scenarios 2 and 3, and both versions are in their respective default states

Yes

Do one of the following:

QFabric Requirements

When configuring MVRP on a QFabric system, you can enable it globally or enable it only on the trunk ports that need to carry VLAN traffic from the attached servers. You also must manually create the expected VLANs, but you do not have to assign VLAN membership to the server-facing redundant server Node ports (as mentioned previously). However, you do have to manually assign VLAN membership to the uplink ports on the redundant server Node group and network Node group devices that will carry the VLAN traffic. Table 3 summarizes the VLAN requirements for redundant server Node groups and network Node groups:

Table 3: MVRP VLAN Requirements for Node Devices

Node Group TypeInterfaceAssign VLAN Membership to Trunk Ports?

Redundant server Node group

Server-facing trunk

No

Redundant server Node group

Uplink trunk (to interconnect device)

Yes

Network Node groups

Uplink trunk (to interconnect device)

Yes

Determining Whether MVRP is Working

You can determine whether the switches in your network are running incompatible versions of MVRP by issuing the show mvrp statistics command. For more information on diagnosing and correcting this MVRP compatibility situation, see Configuring Multiple VLAN Registration Protocol (MVRP) on Switches .

Understanding Multiple VLAN Registration Protocol (MVRP) for Dynamic VLAN Registration

Multiple VLAN Registration Protocol (MVRP) is a Layer 2 messaging protocol that manages the addition, deletion, and renaming of active virtual LANs, thereby reducing network administrators’ time spent on these tasks. Use MVRP on Juniper Networks MX Series routers, EX Series switches and SRX devices to dynamically register and unregister active VLANs on trunk interfaces. Using MVRP means that you do not have to manually register VLANs on all connections—that is, you do not need to explicitly bind a VLAN to each trunk interface. With MVRP, you configure a VLAN on one interface and the VLAN configuration is distributed through all active interfaces in the domain.

The primary purpose of MVRP is to manage dynamic VLAN registration in Layer 2 networks. In managing dynamic VLAN registration, MVRP also prunes VLAN information.

MVRP is an Layer 2 application protocol of the Multiple Registration Protocol (MRP) and is defined in the IEEE 802.1ak standard. MRP and MVRP were designed by IEEE to perform the same functions as Generic Attribute Registration Protocol (GARP) and GARP VLAN Registration Protocol (GVRP) while overcoming some GARP and GVRP limitations, in particular, limitations involving bandwidth usage and convergence time in large networks with large numbers of VLANs.

MVRP was created by IEEE as a replacement application for GVRP. MVRP and GVRP cannot be run concurrently to share VLAN information in a Layer 2 network.

This topic describes:

How MVRP Works

When any MVRP-member VLAN is changed, that VLAN sends a protocol data unit (PDU) to all other MVRP-member active VLANs. The PDU informs the other VLANs which devices and interfaces currently belong to the sending VLAN. This way, all MVRP-member VLANs are always updated with the current VLAN state of all other MVRP-member VLANs. Timers dictate when PDUs can be sent and when devices receiving MVRP PDUs can update their MVRP VLAN information.

The VLAN registration information sent by MVRP protocol data units (PDUs) includes the current VLANs membership—that is, which routers are members of which VLANs—and which router interfaces are in which VLAN. MVRP shares all information in the PDU with all routers participating in MVRP in the Layer 2 network.

MVRP stays synchronized using these PDUs. The routers in the network participating in MVRP receive these PDUs during state changes and update their MVRP states accordingly. MVRP timers dictate when PDUs can be sent and when routers receiving MVRP PDUs can update their MVRP information.

In addition to sending PDU updates, MVRP dynamically creates VLANs on member interfaces when a new VLAN is added to any one interface. This way, VLANs created on one member device are propagated to other member devices as part of the MVRP message exchange process.

VLAN information is distributed as part of the MVRP message exchange process and can be used to dynamically create VLANs, which are VLANs created on one switch and propagated to other routers as part of the MVRP message exchange process. Dynamic VLAN creation using MVRP is enabled by default, but can be disabled.

As part of ensuring that VLAN membership information is current, MVRP removes routers and interfaces from the VLAN information when they become unavailable. Pruning VLAN information has these benefits:

  • Limits the network VLAN configuration to active participants only, reducing network overhead.

  • Targets the scope of broadcast, unknown unicast, and multicast (BUM) traffic to interested devices only.

Using MVRP

MVRP is disabled by default on the devices and, when enabled, affects only trunk interfaces. Once you enable MVRP, all VLAN interfaces on the device belong to MVRP (the default normal registration mode) and those interfaces accept PDU messages and send their own PDU messages. To prevent one or more interfaces from participating in MVRP, you can specifically configure an interface to forbidden registration mode instead of the default normal mode.

VLAN updating, dynamic VLAN configuration through MVRP, and VLAN pruning are all active on trunk interfaces when MVRP is enabled.

MVRP Registration Modes

The MVRP registration mode defines whether an interface does or does not participate in MVRP.

The following MVRP registration modes are configurable:

  • forbidden—The interface does not register or declare VLANS (except statically configured VLANs).

  • normal—The interface accepts MVRP messages and participates in MVRP. This is the default registration mode setting.

  • restricted—The interface ignores all MVRP JOIN messages received for VLANs that are not statically configured on the interface.

MRP Timers Control MVRP Updates

MVRP registration and updates are controlled by timers that are part of the MRP protocol. These timers are set on a per-interface basis and define when MVRP PDUs can be sent and when MVRP information can be updated on a switch.

The following timers are used to control the operation of MVRP:

  • Join timer—Controls the interval for the next MVRP PDU transmit opportunity.

  • Leave timer—Controls the period of time that an interface on the switch waits in the Leave state before changing to the unregistered state.

  • LeaveAll timer—Controls the frequency with which the interface generates LeaveAll messages.

Best Practice

Maintain default timer settings unless there is a compelling reason to change the settings. Modifying timers to inappropriate values might cause an imbalance in the operation of MVRP.

MVRP Uses MRP Messages to Transmit Device and VLAN States

MVRP uses MRP messages to register and declare MVRP states for a switch and to inform the Layer 2 network that a switch is leaving MVRP. These messages are communicated as part of the PDU to communicate the state of a particular switch interface on the Layer 2 network to the other switches in the network.

The following messages are communicated for MVRP:

  • Empty—VLAN information is not being declared and is not registered.

  • In—VLAN information is not being declared but is registered.

  • JoinEmpty—VLAN information is being declared but not registered.

  • JoinIn—VLAN information is being declared and is registered.

  • Leave—VLAN information that was previously registered is being withdrawn.

  • LeaveAll—All registrations will be de-registered. Participants that want to participate in MVRP will need to re-register.

  • New—VLAN information is new and possibly not previously registered.

MVRP Limitations

The following limitations apply when configuring MVRP:

  • MVRP works with Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP), but not with VLAN Spanning Tree Protocol (VSTP).

  • MVRP is allowed only on single tagged trunk ports.

  • MVRP is not allowed if a physical interface has more than one logical interface.

  • MVRP is only allowed if a logical has one trunk interface (unit 0).

Configuring Multiple VLAN Registration Protocol (MVRP) on Switches

Multiple VLAN Registration Protocol (MVRP) is used to manage dynamic VLAN registration in a LAN. You can use MVRP on QFX switches and on EX Series switches that support or do not support ELS.

MVRP is disabled by default.

To enable MVRP or set MVRP options, follow these instructions:

Enabling MVRP on Switches With ELS Support

This example uses Junos OS for EX Series switches with support for the Enhanced Layer 2 Software (ELS) configuration style. MVRP can only be enabled on trunk interfaces.

Note

For ELS details, see Using the Enhanced Layer 2 Software CLI.

MVRP can only be enabled on trunk interfaces. To enable MVRP on a trunk interface:

Enabling MVRP on Switches Without ELS Support

This example uses Junos OS for EX Series switches that do not support the Enhanced Layer 2 Software (ELS) configuration style. For ELS details, see Using the Enhanced Layer 2 Software CLI.

Multiple VLAN Registration Protocol (MVRP) is used to manage dynamic VLAN registration in a LAN. You can use MVRP on EX Series switches.

MVRP is disabled by default on EX Series switches.

MVRP can only be enabled on trunk interfaces. To enable MVRP on a trunk interface:

To enable MVRP on a specific trunk interface:

Enabling MVRP on Switches With QFX Support

Multiple VLAN Registration Protocol (MVRP) automates the creation and management of VLANs. When using MVRP on a QFabric system, you must manually create on the QFabric the VLANs that exist on the attached servers because the QFabric implementation of MVRP does not allow VLANs to be created dynamically. However, you do not need to manually assign VLAN membership to the QFabric ports that connect to the servers. MVRP automatically assigns VLAN membership to server-facing QFabric ports when it learns about a VLAN from an attached server. .

MVRP is disabled by default. To enable MVRP or set MVRP options, follow these instructions:

This example uses Junos OS for EX Series switches with support for the Enhanced Layer 2 Software (ELS) configuration style. MVRP can only be enabled on trunk interfaces.

Note

For ELS details, see Using the Enhanced Layer 2 Software CLI.

MVRP can only be enabled on trunk interfaces. To enable MVRP on a trunk interface:

Note

On QFX Series switches, you must configure specific interfaces—you cannot specify interface all. You can enable MVRP on an interface range.

Disabling MVRP

MVRP is disabled by default. Perform this procedure only if you have previously enabled MVRP.

You can disable MVRP globally only. To disable MVRP on all trunk interfaces on a switch with ELS support, use one of the following commands:

To disable MVRP on all trunk interfaces of a QFX switch, an EX switch without ELS Support or an entire QFabric system:

To disable MVRP on a specific trunk QFX switch or an EX switch without interface support:

Disabling Dynamic VLANs on EX Series Switches

By default, dynamic VLANs can be created on interfaces participating in MVRP. Dynamic VLANs are VLANs created on one switch that are propagated to other switches dynamically, in this case, using MVRP.

Dynamic VLAN creation through MVRP cannot be disabled per switch interface. To disable dynamic VLAN creation for interfaces participating in MVRP, you must disable it for all interfaces on the switch.

To disable dynamic VLAN creation:

Configuring Timer Values

The timers in MVRP define the amount of time all interfaces on a switch or a specific interface wait to join or leave MVRP, or to send or process the MVRP information for the switch after receiving an MVRP PDU. The join timer controls the amount of time the switch waits to accept a registration request, the leave timer controls the period of time that the switch waits in the Leave state before changing to the unregistered state, and the leaveall timer controls the frequency with which the LeaveAll messages are communicated.

The default MVRP timer values are 200 ms for the join timer, 1000 ms for the leave timer, and 10 seconds for the leaveall timer.

Best Practice

Maintain default timer settings unless there is a compelling reason to change the settings. Modifying timers to inappropriate values might cause an imbalance in the operation of MVRP.

On an EX Series switch that uses Junos OS with support for ELS, if the timer value set on an interface level is different from the value set on a switch level, then the value on the interface level takes precedence.

To set the join timer for all interfaces on the switch:

To set the join timer for a specific interface:

To set the leave timer for all interfaces on the switch:

To set the leave timer for a specific interface:

To set the leaveall timer for all interfaces on the switch:

To set the leaveall timer for a specific interface:

Configuring Passive Mode on QFX Switches

QFX switches include a mode—called passive mode—in which an MVRP-configured interface does not announce its membership in a VLAN or send any VLAN declarations (updates) unless it receives registration for that VLAN from a peer (server).

To configure an interface to operate in passive mode:

Configuring MVRP Registration Mode on EX Switches

Note

Not supported in QFabric.

The default MVRP registration mode for any interface participating in MVRP is normal. An interface in normal registration mode participates in MVRP when MVRP is enabled on the switch.

You can change the registration mode of a specific interface to forbidden. An interface in forbidden registration mode does not participate in MVRP even if MVRP is enabled on the switch.

To set an interface to forbidden registration mode:

To set an interface to normal registration mode:

To set all interfaces to normal registration mode:

See also

Using MVRP in a Mixed-Release EX Series Switching Network

Except in Junos OS Releases 11.2 and earlier, MVRP has conformed with IEEE standard 802.1ak and IEEE Draft 802.1Q regarding the inclusion of an extra byte in the protocol data units (PDUs) sent and received by MVRP.

As a result of the non-comformance of releases 11.2 and earlier and changes in the standards regarding the extra byte, the following mixed environments can arise in EX Series switches without ELS support:

  • Mixed environment A: MVRP in Junos OS Releases 11.2 and earlier includes the extra byte, while MVRP in Junos OS Releases 11.3 and later for EX Series switches that do not support the Enhanced Layer 2 Software (ELS) configuration style does not include the extra byte.

  • Mixed environment B: MVRP in Junos OS Releases 13.2 and later for EX Series switches with support for ELS includes the extra byte, while MVRP in Junos OS Releases 11.3 and later for EX Series switches that do not support ELS does not include the extra byte.

As a result of changes in the standards with regard to the extra byte, MVRP in Junos OS Releases 13.2 and later for EX Series switches with support for the Enhanced Layer 2 Software (ELS) includes the extra byte, while MVRP in Junos OS Releases 11.3 and later for EX Series switches that do not support ELS does not include the extra byte. A compatibility issue arises, wherein the ELS version of MVRP does not recognize PDUs without the extra byte sent by the non-ELS version of MVRP.

A compatibility issue arises in mixed environments A and B, wherein the versions of MVRP that include the extra byte do not recognize PDUs that do not include the extra byte.

If your network has a mix of MVRP versions, you can alter MVRP on the switches running Release 11.3 and later on switches that do not support ELS so they include the extra byte in the PDU and are therefore, compatible with the other MVRP versions.

A compatibility issue arises in mixed environments A and B, wherein the versions of MVRP that include the extra byte do not recognize PDUs that do not include the extra byte.

For more information about these issues, see Understanding Multiple VLAN Registration Protocol (MVRP).

To make MVRP on on switches that do not support ELS (Release 11.3 or later) compatible with MVRP in the other releases:

If your network includes a mix of EX Series switches running ELS and non-ELS versions of MVRP, you can eliminate the compatibility issue by entering the following command on the switches running the ELS version of MVRP:

The no-attribute-length-in-pdu statement prevents the ELS version of MVRP from sending PDUs with the extra byte, thereby eliminating the compatibility issue with the non-ELS version of MVRP.

You can recognize an MVRP version compatibility issue by observing the switch running the ELS version of MVRP. Because a switch running the ELS version of MVRP cannot interpret an unmodified PDU from a switch running the non-ELS version of MVRP, the switch will not add VLANs from the non-ELS version of MVRP. When you use the show mvrp statistics command in the ELS version of MVRP, the values for Received Join Empty and Received Join In will incorrectly display zero, even though the value for the Received MVRP PDUs without error has been increased. Another indication that MVRP is having a version compatibility issue is that unexpected VLAN activity, such as multiple VLAN creation, takes place on the switch running the ELS version of MVRP.

Configuring Multiple VLAN Registration Protocol (MVRP) to Manage Dynamic VLAN Registration on Security Devices

Starting in Junos OS Release 15.1X49-D80, Multiple VLAN Registration Protocol (MVRP) to manage dynamic VLAN registration is supported on SRX1500 devices. Multiple VLAN Registration Protocol (MVRP) is used to manage dynamic VLAN registration in a Layer 2 network. You can configure MVRP on SRX Series devices.

MVRP is disabled by default on SRX Series devices.

To enable MVRP and to set MVRP options, follow these instructions:

Enabling MVRP

MVRP can be enabled only on trunk interfaces.

To enable MVRP on a specific trunk interface (here, interface ge-0/0/1):

Changing the Registration Mode to Disable Dynamic VLANs

When the registration mode for an interface is set to normal (the default), dynamic VLANs are created on interfaces participating in MVRP. The dynamic VLANs created on one SRX Series device are then propagated by means of MVRP to other SRX Series devices in the topology.

However, dynamic VLAN creation through MVRP can be disabled for all trunk interfaces or for individual trunk interfaces.

Configuring Timer Values

The timers in MVRP define the amount of time an interface waits to join or leave MVRP or to send or process the MVRP information for the router or switch after receiving an MVRP PDU:

  • The join timer controls the amount of time the router or switch waits to accept a registration request.

  • The leave timer controls the period of time that the router or switch waits in the Leave state before changing to the unregistered state.

  • The leaveall timer controls the frequency with which the LeaveAll messages are communicated.

The default MVRP timer values are 200 ms for the join timer, 1000 ms for the leave timer, and 60 seconds for the leaveall timer.

Best Practice

Maintain default timer settings unless there is a compelling reason to change the settings. Modifying timers to inappropriate values might cause an imbalance in the operation of MVRP.

To set the join timer at 300 ms for a specific interface (here, interface ge-0/0/1):

To set the leave timer at 400 ms for a specific interface (here, interface ge-0/0/1):

To set the leaveall timer at 20 seconds for a specific interface (here, interface ge-0/0/1):

Configuring the Multicast MAC Address for MVRP

MVRP uses the customer MVRP multicast MAC address when MVRP is enabled. However, you can configure MVRP to use the provider MVRP multicast MAC address instead.

To configure MVRP to use the provider MVRP multicast MAC address:

Configuring an MVRP Interface as a Point-to-Point Interface

Specify that a configured interface is connected point-to-point. If specified, a point-to-point subset of the MRP state machine provides a simpler and more efficient method to accelerate convergence on the network.

To specify that an MVRP interface is point-to-point (here, interface ge-0/0/1):

Configuring MVRP Tracing Options

Set MVRP protocol-level tracing options.

To specify MVRP protocol tracing (here, the file is /var/log/mvrp-log, size is 2m, number of files is 28, the option world-readable indicates the log can be read by user, and MVRP is flagging events):

Disabling MVRP

MVRP is disabled by default. You need to perform this procedure only if MVRP is previously enabled.

To disable MVRP on all trunk interfaces, use one of the following commands:

Example: Configuring Automatic VLAN Administration on QFX Switches Using MVRP

As the numbers of servers and VLANs attached to a QFabric systems increase, VLAN administration becomes complex and the task of efficiently configuring VLANs on multiple redundant server Node group devices becomes increasingly difficult. To partially automate VLAN administration, you can enable Multiple VLAN Registration Protocol (MVRP) on your QFabric system. If your QFabric system connects to servers that host many virtual machines that require their own VLANs, using MVRP can save you the time and effort that would be required to manually configure and administer the VLANs on the interfaces that connect to the servers. For example, if a virtual machine moves between servers—and therefore connects to a different redundant server Node group interface—MVRP can configure the appropriate VLAN membership on the new server Node group interface.

Note

Only trunk interfaces can be enabled for MVRP.

This example describes how to configure MVRP on a QFabric system.

Requirements

This example uses the following hardware and software components:

  • One QFabric system

  • Junos OS Release 13.1 for the QFX Series

Overview and Topology

MVRP ensures that the VLAN membership information on the trunk interface is updated as the switch’s access interfaces become active or inactive in the configured VLANs in a static or dynamic VLAN creation setup.

You do not need to explicitly bind a VLAN to the trunk interface. When MVRP is enabled, the trunk interface advertises all the VLANs that are active (bound to access interfaces) on that switch. An MVRP-enabled trunk interface does not advertise VLANs that have been configured on the switch but that are not currently bound to an access interface. Thus, MVRP provides the benefit of reducing network overhead—by limiting the scope of broadcast, unknown unicast, and multicast (BUM) traffic to interested devices only.

When VLAN access interfaces become active or inactive, MVRP ensures that the updated information is advertised on the trunk interface. Thus, in this example, distribution Switch C does not forward traffic to inactive VLANs.

A redundant server Node group device is connected to a server that hosts virtual machines for three customers, each of which requires its own VLAN.

  • customer-1: VLAN ID 100

  • customer-2: VLAN ID 200

  • customer-3: VLAN ID 300

Table 4 explains the components of the example topology.

Table 4: Components of the Example Topology

SettingsSettings

Hardware

  • Redundant server Node group device

  • Network Node group device

VLAN names and IDs

  • customer-1, VLAN ID (tag)100

  • customer-2, VLAN ID (tag)200

  • customer-3, VLAN ID (tag)300



Interfaces

Redundant server Node group device interfaces:

  • RSNG:xe-0/1/1—Uplink to interconnect device

  • RSNG:xe-0/0/1—Server-facing interface



Network Node group device interface:

  • NNG:xe-0/0/1—Uplink to interconnect device

Configuring VLANs and Network Node Group Interfaces

To configure VLANs, bind the VLANs to the server-facing trunk interface, and enable MVRP on the trunk interface of the network Node group device, perform these tasks:

CLI Quick Configuration

To quickly configure VLANs on the QFabric system, assign VLAN membership to the uplink port on the network Node group device, and configure the uplink port to be trunk:

[edit]

set vlans customer-1 vlan-id 100
set vlans customer-2 vlan-id 200
set vlans customer-3 vlan-id 300
set interfaces NNG:xe-0/0/1 unit 0 family ethernet-switching port-mode trunk
set interfaces NNG:xe-0/0/1 unit 0 family ethernet-switching vlan members [customer-1 customer-2 customer-3]
Note

As recommended as a best practice, default MVRP timers are used in this example, so they are not configured. The default values associated with each MVRP timer are: 200 ms for the join timer, 1000 ms for the leave timer, and 10000 ms for the leaveall timer. Modifying timers to inappropriate values might cause an imbalance in the operation of MVRP.

Step-by-Step Procedure

To create the VLANs and configure the network Node group device for MVRP, follow these steps. Note that you are creating VLANs for the entire QFabric system, so you do not need to create them on specific QFabric devices.

  1. Configure the VLAN for customer 1:
    [edit]

    user@qfabric# set vlans customer-1 vlan-id 100
  2. Configure the VLAN for customer 2:
    [edit]

    user@qfabric# set vlans customer-2 vlan–id 200
  3. Configure the VLAN for customer 3:
    [edit]

    user@qfabric# set vlans customer-3 vlan–id 300
  4. Configure an uplink interface (one that connects to an interconnect device) to be a trunk:
    [edit]

    user@qfabric# set interfaces NNG:xe-0/0/1 unit 0 family ethernet-switching port-mode trunk
  5. Configure the uplink interface to be a member of all three VLANs:
    [edit]

    user@qfabric# set interfaces NNG:xe-0/0/1 unit 1 family ethernet-switching vlan members [customer-1 customer-2 customer-3]
    Note

    If you want the uplink interface to be a member of all the VLANs in the QFabric system, you can enter all instead of specifying the individual VLANs.

Results

Check the results of the configuration on the network Node group device:

Configuring the Redundant Server Node Group

CLI Quick Configuration

To quickly configure the redundant server Node group device for MVRP:

[edit]

set interfaces RSNG:xe-0/1/1 unit 0 family ethernet-switching port-mode trunk

set interfaces RSNG:xe-0/1/1 unit 0 family ethernet-switching vlan members [customer-1 customer-2 customer-3]

set interfaces RSNG:xe-0/0/1 unit 0 family ethernet-switching port-mode trunk

set protocols mvrp interface RSNG:xe-0/0/1.0 passive

Step-by-Step Procedure

To configure the redundant server Node group device, follow these steps. Note that you do not need to configure the VLANs on the server-facing interface (RSNG:xe-0/0/1), but you do need to configure the VLANs on the uplink interface. Also notice that in this example you configure the server-facing interface to be passive, which means that it will not announce its membership in a VLAN or send any VLAN declarations (updates) unless it receives registration for that VLAN from the server.

  1. Configure an uplink interface (one that connects to the interconnect device) to be a trunk:
    [edit]

    user@qfabric# set interfaces RSNG:xe-0/1/1 unit 0 family ethernet-switching port-mode trunk
  2. Configure the uplink interface to be a member of all three VLANs:
    [edit]

    user@qfabric# set interfaces NNG:xe-0/1/1 unit 0 family ethernet-switching vlan members [customer-1 customer-2 customer-3]
  3. Configure an interface that connects to the server that hosts multiple virtual machines to be a trunk:
    [edit]

    user@qfabric# set interfaces RSNG:xe-0/0/1 unit 0 family ethernet-switching port-mode trunk
  4. Enable MVRP on the server-facing trunk interface and configure it to be passive:
    [edit]

    user@qfabric# set protocols mvrp interface RSNG:xe-0/0/1.0 passive

Results

Check the results of the configuration for the redundant server Node group:

Verification

To confirm that the configuration is updating VLAN membership, perform these tasks:

Verifying That MVRP Is Enabled On The QFabric System

Purpose

Verify that MVRP is enabled on the appropriate interfaces

Action

Show the MVRP configuration:

user@qfabric> show mvrp

Meaning

The results show that MVRP is enabled on the appropriate network Node group and redundant server Node group interfaces and that the default timers are used.

Example: Configuring Automatic VLAN Administration Using MVRP on EX Series Switches with ELS Support

Note

This example uses Junos OS for EX Series switches with support for the Enhanced Layer 2 Software (ELS) configuration style. If your switch runs software that does not support ELS, see Example: Configuring Automatic VLAN Administration Using MVRP on EX Series Switches. For ELS details, see Using the Enhanced Layer 2 Software CLI.

As a network expands and the number of clients and VLANs increases, VLAN administration becomes complex and the task of efficiently configuring VLANs on multiple EX Series switches becomes increasingly difficult. However, you can automate VLAN administration by enabling Multiple VLAN Registration Protocol (MVRP) on the network.

MVRP also dynamically creates VLANs, further simplifying the network overhead required to statically configure VLANs.

Note

Only trunk interfaces can be enabled for MVRP.

This example describes how to use MVRP to automate administration of VLAN membership changes within your network and how to use MVRP to dynamically create VLANs:

Requirements

This example uses the following hardware and software components:

  • Two EX Series access switches

  • One EX Series distribution switch

  • Junos OS Release 13.2X50-D10 or later for EX Series switches

Before you configure MVRP on an interface, you must enable one of the following spanning tree protocols on that interface:

  • Rapid Spanning-Tree Protocol (RSTP). For more information about RSTP, see Understanding RSTP .

  • Multiple Spanning-Tree Protocol (MSTP). For more information about MSTP, see Understanding MSTP.

Overview and Topology

MVRP is used to manage dynamic VLAN registration in a LAN. It can also be used to dynamically create VLANs.

This example uses MVRP to dynamically create VLANs on the switching network. Alternatively, you can disable dynamic VLAN creation and create VLANs statically. Enabling MVRP on the trunk interface of each switch in your switching network ensures that the active VLAN information for the switches in the network is propagated to each switch through the trunk interfaces, assuming dynamic VLAN creation is enabled for MVRP.

MVRP ensures that the VLAN membership information on the trunk interface is updated as the switch’s access interfaces become active or inactive in the configured VLANs in a static or dynamic VLAN creation setup.

You do not need to explicitly bind a VLAN to the trunk interface. When MVRP is enabled, the trunk interface advertises all the VLANs that are active (bound to access interfaces) on that switch. An MVRP-enabled trunk interface does not advertise VLANs that are configured on the switch but are not currently bound to an access interface. Thus, MVRP provides the benefit of reducing network overhead—by limiting the scope of broadcast, unknown unicast, and multicast (BUM) traffic to interested devices only.

When VLAN access interfaces become active or inactive, MVRP ensures that the updated information is advertised on the trunk interface. Thus, in this example, distribution Switch C does not forward traffic to inactive VLANs.

Note

This example shows a network with three VLANs: finance, sales, and lab. All three VLANs are running the same version of Junos OS. If switches in this network were running a mix of Junos OS releases that included Release 11.3, additional configuration would be necessary—see Configuring Multiple VLAN Registration Protocol (MVRP) on Switches for details.

Figure 1 shows MVRP configured on two access switches and one distribution switch.

Figure 1: MVRP Configured on Two Access Switches and One Distribution Switch for Automatic VLAN Administration
MVRP
Configured on Two Access Switches and One Distribution Switch for
Automatic VLAN Administration

Table 5 explains the components of the example topology.

Table 5: Components of the Network Topology

SettingsSettings

Switch hardware

  • Access Switch A

  • Access Switch B

  • Distribution Switch C

VLAN names and tag IDs

finance, tag 100

lab, tag 200

sales, tag 300



Interfaces

Access Switch A interfaces:

  • ge-0/0/1—Connects PC1 to access Switch A.

  • ge-0/0/2—Connects PC2 to access Switch A.

  • ge-0/0/3—Connects PC3 to access Switch A.

  • xe-0/1/1—Connects access Switch A to distribution Switch C (trunk).



Access Switch B interfaces:

  • ge-0/0/0—Connects PC4 to access Switch B.

  • ge-0/0/1—Connects PC5 to access Switch B.

  • ge-0/0/2—Reserved for future use,

  • xe-0/1/0—Connects access Switch B to distribution Switch C. (trunk)



Distribution Switch C interfaces:

  • xe-0/1/1—Connects distribution Switch C to access Switch A. (trunk)

  • xe-0/1/0—Connects distribution Switch C to access Switch B. (trunk)

Configuring VLANs and MVRP on Access Switch A

To configure VLANs on the switch, bind access interfaces to the VLANs, and enable MVRP on the trunk interface of access Switch A, perform these tasks:

CLI Quick Configuration

To quickly configure access Switch A for MVRP, copy the following commands and paste them into the switch terminal window of Switch A:

[edit]

set vlans finance vlan-id 100


set vlans lab vlan-id 200


set vlans sales vlan-id 300


set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members finance
set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members lab
set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members sales


set interfaces xe-0/1/1 unit 0 family ethernet-switching interface-mode trunk
set protocols mvrp interface xe-0/1/1
Note

This example uses default MVRP timers. The default values associated with each MVRP timer are: 200 ms for the join timer, 1000 ms for the leave timer, and 10000 ms (10 seconds) for the leaveall timer. We recommend retaining the use of default timer values as modifying timers to inappropriate values might cause an imbalance in the operation of MVRP. However, if you choose to change the default settings, keep in mind that on an EX Series switch that uses Junos OS with support for ELS, if the timer value set on an interface level is different from the value set on a switch level, then the value on the interface level takes precedence.

Step-by-Step Procedure

To configure access Switch A for MVRP:

  1. Configure the finance VLAN:
    [edit]

    user@Access-Switch-A# set vlans finance vlan-id 100
  2. Configure the lab VLAN:
    [edit]

    user@Access-Switch-A# set vlans lab vlan–id 200
  3. Configure the sales VLAN:
    [edit]

    user@Access-Switch-A# set vlans sales vlan–id 300
  4. Configure an Ethernet interface as a member of the finance VLAN:
    [edit]

    user@Access-Switch-A# set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members finance
  5. Configure an Ethernet interface as a member of the lab VLAN:
    [edit]

    user@Access-Switch-A# set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members lab
  6. Configure an Ethernet interface as a member of the sales VLAN:
    [edit]

    user@Access-Switch-A# set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members sales
  7. Configure a trunk interface:
    [edit]

    user@Access-Switch-A# set interfaces xe-0/1/1 unit 0 family ethernet-switching interface-mode trunk
  8. Enable MVRP on the trunk interface:
    [edit]

    user@Access-Switch-A# set protocols mvrp interface xe-0/1/1



Results

Check the results of the configuration on Switch A:

Configuring VLANs and MVRP on Access Switch B

To configure three VLANs on the switch, bind access interfaces for PC4 and PC5 to the VLANs, and enable MVRP on the trunk interface of access Switch B, perform these tasks:

CLI Quick Configuration

To quickly configure Access Switch B for MVRP, copy the following commands and paste them into the switch terminal window of Switch B:

[edit]

set vlans finance vlan-id 100


set vlans lab vlan-id 200


set vlans sales vlan-id 300




set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members finance
set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members lab


set interfaces xe-0/1/0 unit 0 family ethernet-switching interface-mode trunk
set protocols mvrp interface xe-0/1/0

Step-by-Step Procedure

To configure access Switch B for MVRP:

  1. Configure the finance VLAN:
    [edit]

    user@Access-Switch-B# set vlans finance vlan-id 100
  2. Configure the lab VLAN:
    [edit]

    user@Access-Switch-B# set vlans lab vlan–id 200
  3. Configure the sales VLAN:
    [edit]

    user@Access-Switch-B# set vlans sales vlan–id 300
  4. Configure an Ethernet interface as a member of the finance VLAN:
    [edit]

    user@Access-Switch-B# set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members finance
  5. Configure an Ethernet interface as a member of the lab VLAN:
    [edit]

    user@Access-Switch-B# set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members lab
  6. Configure a trunk interface:
    user@Access-Switch-B# set interfaces xe-0/1/0 unit 0 family ethernet-switching interface-mode trunk
  7. Enable MVRP on the trunk interface:
    [edit]

    user@Access-Switch-B# set protocols mvrp xe-0/1/0



    Note

    This example uses default MVRP timers. The default values associated with each MVRP timer are: 200 ms for the join timer, 1000 ms for the leave timer, and 10000 ms (10 seconds) for the leaveall timer. We recommend retaining the use of default timer values as modifying timers to inappropriate values might cause an imbalance in the operation of MVRP. However, if you choose to change the default values, keep in mind that on an EX Series switch that uses Junos OS with support for ELS, if the timer value set on an interface level is different from the value set on a switch level, then the value on the interface level takes precedence.

Results

Check the results of the configuration for Switch B:

Configuring VLANS and MVRP on Distribution Switch C

CLI Quick Configuration

To quickly configure distribution Switch C for MVRP, copy the following commands and paste them into the switch terminal window of distribution Switch C:

[edit]


set interfaces xe-0/1/1 unit 0 family ethernet-switching interface-mode trunk

set interfaces xe-0/1/0 unit 0 family ethernet-switching interface-mode trunk
set protocols mvrp interface xe-0/1/1
set protocols mvrp interface xe-0/1/0

Step-by-Step Procedure

To configure distribution Switch C for MVRP:

  1. Configure the trunk interface to access Switch A:
    [edit]

    user@Distribution-Switch-C# set interfaces xe-0/1/1 unit 0 family ethernet-switching interface-mode trunk
  2. Configure the trunk interface to access Switch B:
    [edit]

    user@Distribution-Switch-C# set interfaces xe-0/1/0 unit 0 family ethernet-switching interface-mode trunk
  3. Enable MVRP on the trunk interface for xe-0/1/1 :
    [edit]

    user@Distribution-Switch-C# set protocols mvrp interface xe-0/1/1



  4. Enable MVRP on the trunk interface for xe-0/1/0 :
    [edit]

    user@Distribution-Switch-C# set protocols mvrp interface xe-0/1/0



Results

Check the results of the configuration for Switch C:

Verification

To confirm that the configuration is updating VLAN membership, perform these tasks:

Verifying That MVRP Is Enabled on Access Switch A

Purpose

Verify that MVRP is enabled on the switch.

Action

Show the MVRP configuration:

user@Access-Switch-A> show mvrp

Meaning

The results show that MVRP is enabled on the trunk interface of Switch A and that the default timers are used.

Verifying That MVRP Is Updating VLAN Membership on Access Switch A

Purpose

Verify that MVRP is updating VLAN membership by displaying the Ethernet switching interfaces and associated VLANs that are active on Switch A.

Action

List Ethernet switching interfaces on the switch:



user@Access-Switch-A> show ethernet-switching interface

Meaning

MVRP has automatically added finance and lab as VLAN members on the trunk interface because they are being advertised by access Switch B.

Verifying That MVRP Is Enabled on Access Switch B

Purpose

Verify that MVRP is enabled on the switch.

Action

Show the MVRP configuration:

user@Access-Switch-B> show mvrp

Meaning

The results show that MVRP is enabled on the trunk interface of Switch B and that the default timers are used.

Verifying That MVRP Is Updating VLAN Membership on Access Switch B

Purpose

Verify that MVRP is updating VLAN membership by displaying the Ethernet switching interfaces and associated VLANs that are active on Switch B.

Action

List Ethernet switching interfaces on the switch:

user@Access-Switch-B> show ethernet-switching interface

Meaning

MVRP has automatically added finance, lab, and sales as VLAN members on the trunk interface because they are being advertised by access Switch A.

Verifying That MVRP Is Enabled on Distribution Switch C

Purpose

Verify that MVRP is enabled on the switch.

Action

Show the MVRP configuration:

user@Distribution-Switch-C> show mvrp

Meaning

The results show that MVRP is enabled on the trunk interfaces of Switch C and that the default timers are used.

Verifying That MVRP Is Updating VLAN Membership on Distribution Switch C

Purpose

Verify that MVRP is updating VLAN membership on distribution Switch C by displaying the Ethernet switching interfaces and associated VLANs on distribution Switch C.

Action

List the Ethernet switching interfaces on the switch:

user@Distribution-Switch-C> show ethernet-switching interface

List the VLANs that were created dynamically using MVRP on the switch:

user@Distribution-Switch-C> show mvrp dynamic-vlan-memberships

Note that this scenario does not have any fixed registration, which is typical when MVRP is enabled.

Meaning

Distribution Switch C has two trunk interfaces. Interface xe-0/1/1.0 connects Distribution Switch C to Access Switch A and is, therefore, updated to show that it is a member of all the VLANs that are active on Switch A. Any traffic for those VLANs will be passed on from Switch C to Switch A, through interface xe-0/1/1.0. Interface xe-0/1/0.0 connects Switch C to Switch B and is updated to show that it is a member of the two VLANs that are active on Switch B. Thus, Switch C sends traffic for finance and lab to both Switch A and Switch B. But Switch C sends traffic for sales only to Switch A.

Switch C also has three dynamic VLANs created using MVRP: mvrp_100, mvrp_200, and mvrp_300. The dynamically created VLANs mvrp_100 and mvrp_200 are active on interfaces xe-0/1/1.0 and xe-0/1/0.0, and dynamically created VLAN mvrp_300 is active on interface xe-0/1/1.0.

Example: Configuring Automatic VLAN Administration Using MVRP on EX Series Switches

Note

This example uses Junos OS for EX Series switches that does not support the Enhanced Layer 2 Software (ELS) configuration style. If your switch runs software that supports ELS, see Example: Configuring Automatic VLAN Administration Using MVRP on EX Series Switches with ELS Support. For ELS details, see Using the Enhanced Layer 2 Software CLI.

As a network expands and the number of clients and VLANs increases, VLAN administration becomes complex and the task of efficiently configuring VLANs on multiple EX Series switches becomes increasingly difficult. To automate VLAN administration, you can enable Multiple VLAN Registration Protocol (MVRP) on the network.

MVRP also dynamically creates VLANs, further simplifying the network overhead required to statically configure VLANs.

Note

Only trunk interfaces can be enabled for MVRP.

This example describes how to use MVRP to automate administration of VLAN membership changes within your network and how to use MVRP to dynamically create VLANs:

Requirements

This example uses the following hardware and software components:

  • Two EX Series access switches

  • One EX Series distribution switch

  • Junos OS Release 10.0 or later for EX Series switches

Overview and Topology

MVRP is used to manage dynamic VLAN registration in a LAN. It can also be used to dynamically create VLANs.

This example uses MVRP to dynamically create VLANs on the switching network. You can disable dynamic VLAN creation and create VLANs statically, if desired. Enabling MVRP on the trunk interface of each switch in your switching network ensures that the active VLAN information for the switches in the network is propagated to each switch through the trunk interfaces, assuming dynamic VLAN creation is enabled for MVRP.

MVRP ensures that the VLAN membership information on the trunk interface is updated as the switch’s access interfaces become active or inactive in the configured VLANs in a static or dynamic VLAN creation setup.

You do not need to explicitly bind a VLAN to the trunk interface. When MVRP is enabled, the trunk interface advertises all the VLANs that are active (bound to access interfaces) on that switch. An MVRP-enabled trunk interface does not advertise VLANs that have been configured on the switch but that are not currently bound to an access interface. Thus, MVRP provides the benefit of reducing network overhead—by limiting the scope of broadcast, unknown unicast, and multicast (BUM) traffic to interested devices only.

When VLAN access interfaces become active or inactive, MVRP ensures that the updated information is advertised on the trunk interface. Thus, in this example, distribution Switch C does not forward traffic to inactive VLANs.

Note

This example shows a network with three VLANs: finance, sales, and lab. All three VLANs are running the same version of Junos OS. If switches in this network were running a mix of Junos OS releases that included Release 11.3, additional configuration would be necessary—see Configuring Multiple VLAN Registration Protocol (MVRP) on Switches for details.

Access Switch A has been configured to support all three VLANS and all three VLANS are active, bound to interfaces that are connected to personal computers:

  • ge-0/0/1—Connects PC1 as a member of finance, VLAN ID 100

  • ge-0/0/2—Connects PC2 as a member of lab, VLAN ID 200

  • ge-0/0/3—Connects PC3 as a member of sales, VLAN ID 300

Access Switch B has also been configured to support three VLANS. However, currently only two VLANs are active, bound to interfaces that are connected to personal computers:

  • ge-0/0/0—Connects PC4 as a member of finance, VLAN ID 100

  • ge-0/0/1—Connects PC5 as a member of lab, VLAN ID 200

Distribution Switch C learns the VLANs dynamically using MVRP through the connection to the access switches. Distribution Switch C has two trunk interfaces:

  • xe-0/1/1—Connects the switch to access Switch A.

  • xe-0/1/0—Connects the switch to access Switch B.

Figure 2 shows MVRP configured on two access switches and one distribution switch.

Figure 2: MVRP Configured on Two Access Switches and One Distribution Switch for Automatic VLAN Administration
MVRP
Configured on Two Access Switches and One Distribution Switch for
Automatic VLAN Administration

Table 6 explains the components of the example topology.

Table 6: Components of the Network Topology

SettingsSettings

Switch hardware

  • Access Switch A

  • Access Switch B

  • Distribution Switch C

VLAN names and tag IDs

finance, tag 100

lab, tag 200

sales, tag 300



Interfaces

Access Switch A interfaces:

  • ge-0/0/1—Connects PC1 to access Switch A.

  • ge-0/0/2—Connects PC2 to access Switch A.

  • ge-0/0/3—Connects PC3 to access Switch A.

  • xe-0/1/1—Connects access Switch A to distribution Switch C (trunk).



Access Switch B interfaces:

  • ge-0/0/0—Connects PC4 to access Switch B.

  • ge-0/0/1—Connects PC5 to access Switch B.

  • xe-0/1/0—Connects access Switch B to distribution Switch C. (trunk)



Distribution Switch C interfaces:

  • xe-0/1/1—Connects distribution Switch C to access Switch A. (trunk)

  • xe-0/1/0—Connects distribution Switch C to access Switch B. (trunk)

Configuring VLANs and MVRP on Access Switch A

To configure VLANs on the switch, bind access interfaces to the VLANs, and enable MVRP on the trunk interface of access Switch A, perform these tasks:

CLI Quick Configuration

To quickly configure access Switch A for MVRP, copy the following commands and paste them into the switch terminal window of Switch A:

[edit]

set vlans finance vlan-id 100


set vlans lab vlan-id 200


set vlans sales vlan-id 300


set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members finance
set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members lab
set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members sales


set interfaces xe-0/1/1 unit 0 family ethernet-switching port-mode trunk
set protocols mvrp interface xe-0/1/1.0
Note

As recommended as a best practice, default MVRP timers are used in this example. The default values associated with each MVRP timer are: 200 ms for the join timer, 1000 ms for the leave timer, and 10000 ms for the leaveall timer. Modifying timers to inappropriate values might cause an imbalance in the operation of MVRP.

Step-by-Step Procedure

To configure access Switch A for MVRP:

  1. Configure the finance VLAN:
    [edit]

    user@Access-Switch-A# set vlans finance vlan-id 100
  2. Configure the lab VLAN:
    [edit]

    user@Access-Switch-A# set vlans lab vlan–id 200
  3. Configure the sales VLAN:
    [edit]

    user@Access-Switch-A# set vlans sales vlan–id 300
  4. Configure an Ethernet interface as a member of the finance VLAN:
    [edit]

    user@Access-Switch-A# set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members finance
  5. Configure an Ethernet interface as a member of the lab VLAN:
    [edit]

    user@Access-Switch-A# set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members lab
  6. Configure an Ethernet interface as a member of the sales VLAN:
    [edit]

    user@Access-Switch-A# set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members sales
  7. Configure a trunk interface:
    [edit]

    user@Access-Switch-A# set interfaces xe-0/1/1 unit 0 family ethernet-switching port-mode trunk
  8. Enable MVRP on the trunk interface:
    [edit]

    user@Access-Switch-A# set protocols mvrp interface xe-0/1/1.0



Results

Check the results of the configuration on Switch A:

Configuring VLANs and MVRP on Access Switch B

To configure three VLANs on the switch, bind access interfaces for PC4 and PC5 to the VLANs, and enable MVRP on the trunk interface of access Switch B, perform these tasks:

CLI Quick Configuration

To quickly configure Access Switch B for MVRP, copy the following commands and paste them into the switch terminal window of Switch B:

[edit]

set vlans finance vlan-id 100


set vlans lab vlan-id 200


set vlans sales vlan-id 300




set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members finance
set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members lab


set interfaces xe-0/1/0 unit 0 family ethernet-switching port-mode trunk
set protocols mvrp interface xe-0/1/0.0

Step-by-Step Procedure

To configure access Switch B for MVRP:

  1. Configure the finance VLAN:
    [edit]

    user@Access-Switch-B# set vlans finance vlan-id 100
  2. Configure the lab VLAN:
    [edit]

    user@Access-Switch-B# set vlans lab vlan–id 200
  3. Configure the sales VLAN:
    [edit]

    user@Access-Switch-B# set vlans sales vlan–id 300
  4. Configure an Ethernet interface as a member of the finance VLAN:
    [edit]

    user@Access-Switch-B# set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members finance
  5. Configure an Ethernet interface as a member of the lab VLAN:
    [edit]

    user@Access-Switch-B# set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members lab
  6. Configure a trunk interface:
    user@Access-Switch-B# set interfaces xe-0/1/0 unit 0 family ethernet-switching port-mode trunk
  7. Enable MVRP on the trunk interface:
    [edit]

    user@Access-Switch-B# set protocols mvrp xe-0/1/0.0



    Note

    As we recommend as a best practice, default MVRP timers are used in this example. The default values associated with each MVRP timer are: 200 ms for the join timer, 1000 ms for the leave timer, and 10000 ms for the leaveall timer. Modifying timers to inappropriate values might cause an imbalance in the operation of MVRP.

Results

Check the results of the configuration for Switch B:

Configuring VLANS and MVRP on Distribution Switch C

CLI Quick Configuration

To quickly configure distribution Switch C for MVRP, copy the following commands and paste them into the switch terminal window of distribution Switch C:

[edit]


set interfaces xe-0/1/1 unit 0 family ethernet-switching port-mode trunk

set interfaces xe-0/1/0 unit 0 family ethernet-switching port-mode trunk
set protocols mvrp interface xe-0/1/1.0
set protocols mvrp interface xe-0/1/0.0

Step-by-Step Procedure

To configure distribution Switch C for MVRP:

  1. Configure the trunk interface to access Switch A:
    [edit]

    user@Distribution-Switch-C# set interfaces xe-0/1/1 unit 0 family ethernet-switching port-mode trunk
  2. Configure the trunk interface to access Switch B:
    [edit]

    user@Distribution-Switch-C# set interfaces xe-0/1/0 unit 0 family ethernet-switching port-mode trunk
  3. Enable MVRP on the trunk interface for xe-0/1/1 :
    [edit]

    user@Distribution-Switch-C# set protocols mvrp interface xe-0/1/1.0



  4. Enable MVRP on the trunk interface for xe-0/1/0 :
    [edit]

    user@Distribution-Switch-C# set protocols mvrp interface xe-0/1/0.0



Results

Check the results of the configuration for Switch C:

Verification

To confirm that the configuration is updating VLAN membership, perform these tasks:

Verifying That MVRP Is Enabled on Access Switch A

Purpose

Verify that MVRP is enabled on the switch.

Action

Show the MVRP configuration:

user@Access-Switch-A> show mvrp

Meaning

The results show that MVRP is enabled on the trunk interface of Switch A and that the default timers are used.

Verifying That MVRP Is Updating VLAN Membership on Access Switch A

Purpose

Verify that MVRP is updating VLAN membership by displaying the Ethernet switching interfaces and associated VLANs that are active on Switch A.

Action

List Ethernet switching interfaces on the switch:

Meaning

MVRP has automatically added finance and lab as VLAN members on the trunk interface because they are being advertised by access Switch B.

Verifying That MVRP Is Enabled on Access Switch B

Purpose

Verify that MVRP is enabled on the switch.

Action

Show the MVRP configuration:

user@Access-Switch-B> show mvrp

Meaning

The results show that MVRP is enabled on the trunk interface of Switch B and that the default timers are used.

Verifying That MVRP Is Updating VLAN Membership on Access Switch B

Purpose

Verify that MVRP is updating VLAN membership by displaying the Ethernet switching interfaces and associated VLANs that are active on Switch B.

Action

List Ethernet switching interfaces on the switch:

user@Access-Switch-B> show ethernet-switching interfaces

Meaning

MVRP has automatically added finance, lab, and sales as VLAN members on the trunk interface because they are being advertised by access Switch A.

Verifying That MVRP Is Enabled on Distribution Switch C

Purpose

Verify that MVRP is enabled on the switch.

Action

Show the MVRP configuration:

user@Distribution-Switch-C> show mvrp

Verifying That MVRP Is Updating VLAN Membership on Distribution Switch C

Purpose

Verify that MVRP is updating VLAN membership on distribution Switch C by displaying the Ethernet switching interfaces and associated VLANs on distribution Switch C.

Action

List the Ethernet switching interfaces on the switch:

user@Distribution-Switch-C> show ethernet-switching interfaces

List the VLANs that were created dynamically using MVRP on the switch:

user@Distribution-Switch-C> show mvrp dynamic-vlan-memberships

Note that this scenario does not have any fixed registration, which is typical when MVRP is enabled.

Meaning

Distribution Switch C has two trunk interfaces. Interface xe-0/1/1.0 connects distribution Switch C to Access Switch A and is therefore updated to show that it is a member of all the VLANs that are active on Switch A. Any traffic for those VLANs will be passed on from distribution Switch C to Switch A, through interface xe-0/1/1.0. Interface xe-0/1/0.0 connects distribution Switch C to Switch B and is updated to show that it is a member of the two VLANs that are active on Switch B. Thus, distribution Switch C sends traffic for finance and lab to both Switch A and Switch B. But distribution Switch C sends traffic for sales only to Switch A.

Distribution Switch C also has three dynamic VLANs created using MVRP: mvrp_100, mvrp_200, and mvrp_300. The dynamically created VLANs mvrp_100 and mvrp_200 are active on interfaces xe-0/1/1.0 and xe-0/1/1.0, and dynamically created VLAN mvrp_300 is active on interface xe-0/1/1.0.

Verifying That MVRP Is Working Correctly on Switches

Purpose

After configuring your switch to participate in MVRP, verify that the configuration is properly set and that MVRP messages are being sent and received on your switch.

Action

  1. Confirm that MVRP is enabled on your switch.
    user@switch> show mvrp
  2. Confirm that MVRP messages are being sent and received on your switch.
    user@switch> show mvrp statistics interface xe-0/1/1.0

Meaning

The output of show mvrp shows that interface xe-0/1/1.0 is enabled for MVRP participation as shown in the status in the Interface based configuration field.

The output for show mvrp statistics interface xe-0/1/1.0 confirms that MVRP messages are being transmitted and received on the interface.

Note

You can identify an MVRP compatibility issue on EX Series switches by looking at the output from this command. If Join Empty received and Join In received incorrectly display zero, even though the value for MRPDU received has been increased, you are probably running different versions of Junos OS, including Release 11.3, on the switches in this network. Another indication that MVRP is having a version problem is that unexpected VLAN activity, such as multiple VLAN creation, takes place on the switch running the earlier release version. To remedy these problems, see Configuring Multiple VLAN Registration Protocol (MVRP) on Switches .

Verifying That MVRP Is Working Correctly on EX Series Switches with ELS Support

Purpose

Note

This task uses Junos OS for EX Series switches with support for the Enhanced Layer 2 Software (ELS) configuration style. If your switch runs software that does not support ELS, see Verifying That MVRP Is Working Correctly on Switches. For ELS details, see Using the Enhanced Layer 2 Software CLI.

After configuring your EX Series switch to participate in MVRP, verify that the configuration is properly set and that MVRP messages are being sent and received on your switch.

Action

  1. Confirm that MVRP is enabled on your switch.
    user@switch> show mvrp
  2. Confirm that MVRP messages are being sent and received on your switch.
    user@switch> show mvrp statistics

Meaning

The output of show mvrp shows that interface xe-0/1/1 is enabled for MVRP participation.

The output for show mvrp statistics confirms that MVRP messages are being transmitted and received on interface xe-0/1/1.

Note

You can identify an MVRP compatibility issue by observing the output from this command. If Received Join Empty and Received Join In incorrectly display zero, even though the value for Received MVRP PDUs without error has been increased, you are probably running different versions of Junos OS on the switches in this network. Another indication that MVRP is having a version problem is that unexpected VLAN activity, such as multiple VLAN creation, takes place on the switch running the earlier release version. To remedy these problems, see Configuring Multiple VLAN Registration Protocol (MVRP) on Switches .

Verifying That MVRP Is Working Correctly

Purpose

After configuring your MX Series router or EX Series switch to participate in Multiple VLAN Registration Protocol (MVRP), verify that the configuration is properly set and that MVRP messages are being sent and received on your switch.

Action

  1. Confirm that the router is declaring VLANs.

    Show that MVRP is enabled:

    user@host> show mvrp

    Show the MVRP applicant state:

  2. Confirm that VLANs are registered on interfaces.

    List VLANs in the registered state:

  3. Display a list of VLANs created dynamically.

    List dynamic VLAN membership:

Meaning

The output of show mvrp applicant-state shows that trunk interface ge-11/3/0 is declaring (sending out) interest in the VLAN IDs 100, 200, and 300, and MVRP is operating properly.

The output of show mvrp registrant-state shows the registrar state for VLANs 100 and 200 as Registered, indicating that these VLANs are receiving traffic from a customer site. VLAN 300 is in an Empty state and is not receiving traffic from a customer site.

The output of the show mvrp dynamic-vlan-membership shows that VLANs 100 and 200 are created dynamically (here, on an MX Series router operating as an aggregation switch between MX Series routers operating as edge switches). VLANs created statically are marked with an (s) (which is not indicated in this output).

Release History Table
Release
Description
Starting in Junos OS Release 15.1X49-D80, Multiple VLAN Registration Protocol (MVRP) to manage dynamic VLAN registration is supported on SRX1500 devices.