Automatic binding of vlans to ports, Overview, Configuring mac address lock and intrusion – Avaya 580 User Manual
Page 259: Detection
Document No. 10-300077, Issue 2
8-37
Configuring Ports
Automatically
Creating VLANs
and Frame Tags
Parameters
VLANs are created automatically by the switch reading the VLAN tag of all
ingress IEEE 802.1Q and Multi-Layer tagged frames. The switch then
creates a new VLAN for every new VLAN tag identified. However, if the
parameter for Frame Tags is set to Ignore, the switch will ignore the
VLAN tags on ingress frames. The switch assumes that all ingress frames
belong to the ‘Port VLAN’. Therefore, no new VLANs will ever be
created automatically.
Automatic Binding
of VLANs to Ports
When a VLAN is either manually or automatically created, the software
may automatically bind the VLAN to a port depending on the setting of the
‘Trunk Mode’ parameter assigned to the port.
■
When a VLAN is created manually the software assigns the VLAN
to all ports whose VLAN Binding is set to Bind to All. No other
ports will automatically be assigned when a VLAN is created
manually.
■
When a VLAN is created automatically the software assigns the
VLAN to the port it is received on if that port is set to Bind to All
and Bind to Received. Additionally, software will assign the VLAN
to all other ports whose VLAN Binding is set to Bind to All.
following command from Configure mode:
(configure)#
set port VLAN
Configuring MAC Address Lock and Intrusion Detection
Overview
The MAC Address Lock feature filters frames that do not match the static
MAC address that is assigned to a port. If you enable MAC Address Lock,
you can also enable Intrusion Detection, which generates trap messages that
identify intruding (unknown) source addresses.
The switch stores a history of 64 intruding source MAC addresses in a
software buffer. One intruding source MAC address is stored and one trap
message is generated per the intrusion trap timer setting. Once a MAC
address is stored and the trap is generated, the switch does not send another
trap for the address until it is cleared from the buffer.
* Note: The default setting for the intrusion trap timer is 1800 seconds
(30 minutes). The valid range for the timer is 60 to 1800
seconds.