Mac-based vlans, Supported mac-based vlan features, Mac-based vlan overview – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual
Page 227
MAC-based VLANs
Supported MAC-based VLAN features
Lists MAC-based VLAN features supported on FastIron devices.
The following table lists the individual BrocadeFastIron switches and the MAC-based VLAN features
they support. These features are supported in the Layer 2 and Layer 3 software images, except where
explicitly noted.
Feature
ICX 6430
ICX 6450
FCX
ICX 6610
ICX 6650
FSX 800
FSX 1600
ICX 7750
MAC-based VLANs
• Source MAC address authentication
• Policy-based classification and
forwarding
08.0.01
08.0.01
08.0.01
08.0.01
08.0.01
No
No
MAC-based VLANs and 802.1X security
on the same port
08.0.01
08.0.01
08.0.01
08.0.01
08.0.01
No
No
MAC-based VLAN aging
08.0.01
08.0.01
08.0.01
08.0.01
08.0.01
No
No
Dynamic MAC-based VLANs
08.0.01
08.0.01
08.0.01
08.0.01
08.0.01
No
No
MAC-based VLAN overview
The MAC-based VLAN feature controls network access by authenticating a host source MAC address,
and mapping the incoming packet source MAC to a VLAN. Mapping is based on the MAC address of
the end station connected to the physical port. Users who relocate can remain on the same VLAN as
long as they connect to any switch in the same domain, on a port which is permitted in the VLAN. The
MAC-based VLAN feature may be enabled for two types of hosts: static and dynamic.
MAC-based VLAN activity is determined by authentication through a RADIUS server. Incoming traffic
that originates from a specific MAC address is forwarded only if the source MAC address-to-VLAN
mapping is successfully authenticated. While multi-device port authentication is in progress, all traffic
FastIron Ethernet Switch Security Configuration Guide
227
53-1003088-03