Mac-Based Vlan Configuration - HP A6600 Configuration Manual

Layer 2 - lan switching

Hide thumbs Also See for A6600:

Configuration manual (501 pages)

Getting started (222 pages)

Limited warranty (41 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

page of 232

/ 232
Contents
Table of Contents
Bookmarks

Table of Contents

GigabitEthernet4/1/1

[RouterA-GigabitEthernet4/1/3] display vlan 200

VLAN ID: 200

VLAN Type: static

Route Interface: not configured

Description: VLAN 0200

Name: VLAN 0200

Broadcast MAX-ratio: 100%

Tagged

Ports:

GigabitEthernet4/1/3

Untagged Ports:

GigabitEthernet4/1/2

MAC-based VLAN configuration

The MAC-based VLAN feature assigns hosts to a VLAN based on their MAC addresses. This feature is

usually used in conjunction with security technologies such as 802.1X to provide secure, flexible network

access for terminal devices.

MAC-based VLAN implementation

With MAC-based VLAN configured, the router processes received packets as follows:

When receiving an untagged frame, the router looks up the list of MAC-to-VLAN mappings based

•

on the source MAC address of the frame for a match. Two matching modes are available: exact

matching and fuzzy matching. In exact matching mode, the router searches the MAC-to-VLAN

mappings whose masks are all-Fs. If the MAC address in a MAC-to-VLAN mapping matches the

source MAC address of the untagged frame exactly, the router ends the search and adds a VLAN

tag containing the corresponding VLAN ID to the packet. In fuzzy matching mode, the router

searches the MAC-to-VLAN mappings whose masks are not all-Fs and performs a logical AND

operation on the parameter and each mask. If the result of an AND operation matches the

corresponding MAC address exactly, the router ends the search the adds a VLAN tag containing the

corresponding VLAN ID to the packet. If no match is found, the system looks up other types of

VLANs to make the forwarding decision.

When receiving a tagged frame: if the receiving port is not enabled with MAC-based dynamic port

•

assignment, the router handles the frame according to port-based VLAN, that is, forwards the frame

if it is assigned to the corresponding VLAN or drops the frame if it is not; if the receiving port is

enabled with MAC-based dynamic port assignment, the router forwards the frame only if the source

MAC address and VLAN ID carried in the frame match a MAC-to-VLAN mapping exactly or drops

the frame if no match is found.

Approaches to creating MAC address-to-VLAN mappings

In addition to creating MAC address-to-VLAN mappings at the CLI, use an authentication server to

automatically issue MAC address-to-VLAN mappings.

Static configuration (through CLI)

•

Associate MAC addresses with VLANs by using corresponding commands.

•

Automatic configuration through the authentication server (that is, VLAN issuing)

The router associates MAC addresses with VLANs dynamically based on the information provided by the

authentication server. If a user goes offline, the corresponding MAC address-to-VLAN association is

Table of Contents

Mac-Based Vlan Configuration - HP A6600 Configuration Manual

MAC-based VLAN configuration

Related Manuals for HP A6600

Related Content for HP A6600

Table of Contents