Mac-Based Vlans; Mac-Based Vlan Guidelines - Extreme Networks ExtremeWare 7.2e Installation And User Manual

• How the VLAN was created.
• IP address.
• STPD information.
• Protocol information.
• QoS profile information.
• Ports assigned.
• Tagged/untagged status for each port.
• How the ports were added to the VLAN.
• Number of VLANs configured on the switch.
Use the
detail

MAC-Based VLANs

MAC-Based VLANs allow physical ports to be mapped to a VLAN based on the source MAC address
learned in the FDB. This feature allows you to designate a set of ports that have their VLAN
membership dynamically determined by the MAC address of the end station that plugs into the
physical port. You can configure the source MAC address-to-VLAN mapping either offline or
dynamically on the switch. For example, you could use this application for a roaming user who wants
to connect to a network from a conference room. In each room, the user plugs into one of the designated
ports on the switch and is mapped to the appropriate VLAN. Connectivity is maintained to the network
with all of the benefits of the configured VLAN in terms of QoS, routing, and protocol support.

MAC-Based VLAN Guidelines

When using the MAC-to-VLAN mapping, consider the following guidelines:
• A port can only accept connections from an endstation/host and should not be connected to a
layer-2 repeater device. Connecting to a layer-2 repeater device can cause certain addresses to not be
mapped to their respective VLAN if they are not correctly configured in the MAC-VLAN
configuration database. If a repeater device is connected to a MAC-Based VLAN port, and the
configured MAC-to-VLAN mapped station enters on the repeater, any endstation that is attached to
the repeater can be mapped to that VLAN while the configured endstation is active in that VLAN.
Upon removal of the configured MAC-to-VLAN endstation, all other endstations lose connectivity.
• Groups are used as a security measure to allow a MAC address to enter into a VLAN only when the
group mapping matches the port mapping.
As an example, the following configuration allows MAC 00:00:00:00:00:aa to enter into the VLAN
only on ports 10 and 11 because of membership in group 100:
* Summit400 # show mac-vlan
Port
10
11
12
13
14
Total Entries in Database:2
Mac
00:00:00:00:00:aa
ExtremeWare 7.2e Installation and User Guide
option to display the detailed format.
Vlan
MacVlanDiscover
MacVlanDiscover
MacVlanDiscover
MacVlanDiscover
MacVlanDiscover
Vlan
sales
Group State
100 Discover
100 Discover
any Discover
any Discover
any Discover
Group
100
MAC-Based VLANs
99