Configuring a Bridge Domain and a VLAN on the Same Port

Before Netvisor ONE release 6.1.1, a bridge domain and a VLAN were not allowed to be configured on the same port. They were mutually exclusive.

A port can be added to a bridge domain with the bridge-domain-create plus bridge-domain-port-add command sequence. On the other hand, a port can be added to a VLAN with the vlan-create plus vlan-port-add command sequence.

In the latter case above, when a VLAN was already configured on a port (say, port 20), attempting to configure a bridge domain on the same port would have produced the following error:

vlan/vxlan is already configured on port 20, remove it to configure Q-in-Q

Vice versa, on a port (say, port 21) already configured with a bridge domain (with the first sequence described above), attempting to configure a VLAN on the same port would have produced the following error:

Ignoring port (21) addition to vlan 10 since these port are part of Q-in-Q

Starting from Netvisor ONE release 6.1.1, these checks (and the corresponding errors) are removed as it is now possible to configure both a VLAN and a BD on the same port.

However, there are still some restrictions that must be considered:

  • A bridge domain and a VLAN are not allowed to share the same (port, VLAN ID) value pair. So, for example, if (port 20, VLAN 100) is already part of BD1, then the VLAN configuration cannot use the same (port 20, VLAN 100) pair. If a conflicting pair is used by mistake in the configuration, it will be rejected.
  • Since a port can only have one untagged VLAN, it can either be used by a bridge domain (in untagged mode) or as a port's native VLAN. The same VLAN ID cannot be used in both configurations. Therefore, a conflicting configuration will be rejected.
  • If vLE is configured on a port, the same port cannot be used for VLAN or BD configuration.
  • VLAN and bridge domain configuration cannot be done on a port that is configured as a Network Packet Broker (NPB) port.