beautypg.com

Aging for mac-based vlan, For permitted hosts – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 233

background image

Brocade vendor-specific attributes for RADIUS

TABLE 27

Attribute name

Attribute ID Data type Optional

ormandatory

Description

Foundry-MAC-based
VLAN-QoS

8

decimal

Optional

The QoS attribute specifies the priority of the
incoming traffic based on any value between 0
(lowest priority) and 7 (highest priority). Default
is 0.

Foundry-802_1x-
enable

6

integer

Optional

Specifies whether 802.1X authentication is
performed when MAC-based VLAN is
successful for a device. This attribute can be
set to one of the following:

0 - Do not perform 802.1X authentication on a
device that passes MAC-based VLAN. Set the
attribute to zero (0) for devices that do not
support 802.1X authentication.

1 - Perform 802.1X authentication when a
device passes MAC-based VLAN. Set the
attribute to one (1) for devices that support
802.1X authentication.

Foundry-802_1x-
valid

7

integer

Optional

Specifies whether the RADIUS record is valid
only for MAC-based VLAN, or for both MAC-
based VLAN and 802.1X authentication.

This attribute can be set to one of the following:

0 - The RADIUS record is valid only for MAC-
based VLAN. Set this attribute to zero (0) to
prevent a user from using their MAC address as
username and password for 802.1X
authentication

1 - The RADIUS record is valid for both MAC-
based VLAN and 802.1X authentication.

Aging for MAC-based VLAN

The aging process for MAC-based VLAN works as described below.

NOTE
MAC aging is applicable to dynamic MAC-based VLANs only.

For permitted hosts

For permitted hosts, as long as the Brocade device is receiving traffic aging does not occur. The age
column in the output of the show table-mac-vlan command displays Ena or S num . If the Brocade
device stops receiving traffic, the entry first ages out from the MAC table (in the hardware) and then the
aging cycle for MAC-based VLAN begins. Aging in the MAC-based VLAN continues for 2 minutes (the
default is 120 seconds) after which the MAC-based VLAN session is flushed out.

Aging for MAC-based VLAN

FastIron Ethernet Switch Security Configuration Guide

233

53-1003088-03

See also other documents in the category Brocade Computer Accessories: