interface port-channel

ID number for this port channel.

Range:0-7

A character string describing this port-channel.

Range:up to 60 characters

Adds the specified GigabitEthernet interface to the port channel.

Applies the specified ACL to the interface. Use theip access-listcommand to configure an ACL.

This command requires the PEFNG license.

Applies ACL to interface’s inbound traffic.

Applies ACL to interface’s outbound traffic.

Applies session ACL to interface and optionally to a selected VLAN associated with this port.

Applies session ACL to VLAN.

Range:1-4094

Enables or disables jumbo frame MTU configured via firewall on a port channel.

Default:Disabled

Negates any configured parameter.

Enables or disables Openflow on the port channel.

Default:Disabled

Causes a hard shutdown of the interface.

Enables spanning tree.

Enables BPDU guard on the port channel.

Default:Disabled

Specify the cost value of the spanning tree path for an interface.

Range:1 - 65535

Configures the interface as a point to point link.

Specify the spanning tree priority for the interface.

Range:1 - 255

Enables forwarding of traffic from the interface. Optionally you can choose a trunk port for forwarding the traffic.

Configure a VLAN instance or a range of VLAN IDs for the

Sets switching mode parameters for the interface.

Sets the interface as an access port for the specified VLAN. The interface carries traffic only for the specified VLAN.

Sets the mode of the interface to access or trunk mode only.

Sets the maximum number of MAC addresses that can be configured on the port channel.

Range:16-32768

Sets the interface as a trunk port for the specified VLANs. A trunk port carries traffic for multiple VLANs using 802.1q tagging to mark frames for specific VLANs. You can include all VLANs configured on themanaged device, or add or remove specified VLANs. Optionally you can specify the native VLAN for the trunk mode interface. Frames on the native VLAN are not 802.1q tagged.

Set this interface and range of VLANs to be trusted. VLANs not included in the trusted range of VLANs will be, by default, untrusted.

Trusted ports and VLANs are typically connected to internal controlled networks, while untrusted ports connect to third-party APs, public areas, or other networks to which access controls should be applied. WhenArubaAPs are attached directly to amanaged device,将端口设置为可信。

Default:disabled

Sets the specified range of VLANs as trusted. All remaining become untrusted automatically.

例如,如果您设置一个VLAN范围为:
vlan 1-10, 100-300, 301, 305-400, 501-4094

Then all VLANs in this range are trusted and all others become untrusted by default. You can also use theno trusted vlancommand to explicitly make an individual VLAN untrusted. The no trusted vlan command is additive and adds given vlans to the existing untrusted vlan set.

However, if you execute thetrusted vlan<word>command, it overrides any earlier untrusted VLANs or a range of untrusted VLANs and creates a new set of trusted VLANs.

A port supports a user VLAN range from 1-4094. If you want to set all VLANs (1-4094) on a port as untrusted then mark the port itself as untrusted. By default the port and all its associated VLANs are trusted.

Range:1-4094

Enables and configures the Extreme Security (xSec) protocol.

You must purchase and install the xSec software module license in themanaged device.

MAC address of the device that is the xSec tunnel termination point, and the 16-byte shared key used to authenticate the device to each other. The key must be the same on both devices.

VLANs that are allowed on the xSec tunnel.

(Optional) MTU size for the xSec tunnel.