Fallback Vlan - Cisco Catalyst 4500 Series Software Configuration Manual
Cisco ios xe release 3.9.xe and cisco ios release 15.2(5)ex
Hide thumbs
Also See for Catalyst 4500 Series:
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages) ,
- Command reference manual (1230 pages)
Table of Contents
Advertisement
VLAN Membership Policy Server
•
If a VLAN is already assigned to this port, VMPS verifies the requesting MAC address against this port:
•
Multiple Mode
Multiple hosts (MAC addresses) can be active on a dynamic port if they are all in the same VLAN. If the
link fails on a dynamic port, the port returns to the unassigned state. Any hosts that come online through
the port are checked again with VMPS before the port is assigned to a VLAN.
If multiple hosts connected to a dynamic port belong to different VLANs, the VLAN matching the MAC
address in the last request is returned to the client provided that multiple mode is configured on the
VMPS server.
Note
Although Catalyst 4500 series and Catalyst 6500 series switches running Catalyst operating system
software support VMPS in all three operation modes, the User Registration Tool (URT) supports open
mode only.
Fallback VLAN
You can configure a fallback VLAN name on a VMPS server.
If no VLAN has been assigned to this port, VMPS compares the requesting MAC address to this port:
•
•
If a VLAN is already assigned to this port, VMPS compares the requesting MAC address to this port:
•
Illegal VMPS Client Requests
Two examples of illegal VMPS client requests are as follows:
•
•
Overview of VMPS Clients
The following subsections describe how to configure a switch as a VMPS client and configure its ports
for dynamic VLAN membership.
The following topics are included:
•
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
17-22
If the VLAN associated with this MAC address is not allowed on the port, the port is shut down.
If a VLAN associated with this MAC address in the database does not match the current VLAN
assigned on the port, the port is shutdown, even if a fallback VLAN name is configured.
If you connect a device with a MAC address that is not in the database, the VMPS sends the fallback
VLAN name to the client.
If you do not configure a fallback VLAN name and the MAC address does not exist in the database,
the VMPS sends an "access-denied" response.
If the VMPS is in secure mode, it sends a "port-shutdown" response, whether a fallback VLAN has
been configured on the server.
When a MAC-address mapping is not present in the VMPS database and "no fall back" VLAN is
configured on the VMPS.
When a port is already assigned a VLAN (and the VMPS mode is not "multiple") but a second
VMPS client request is received on the VMPS for a different MAC-address.
Understanding Dynamic VLAN Membership, page 17-23
Chapter 17
Configuring VLANs, VTP, and VMPS
Advertisement
Chapters
Table of Contents
Troubleshooting
