beautypg.com

The ways to create mac address-based vlans, Configuring a mac address-based vlan – H3C Technologies H3C WX6000 Series Access Controllers User Manual

Page 65

background image

7-10

The ways to create MAC address-based VLANs

A MAC address-based VLAN can be created in one of the following two ways.

z

Static configuration (through CLI)

You can associate MAC addresses and VLANs by using corresponding commands.

z

Auto configuration though the authentication server (that is, VLAN issuing)

The device associates MAC addresses and VLANs dynamically based on the information provided by
the authentication server. If a user goes offline, the corresponding MAC address-to-VLAN association is
removed automatically. Auto configuration requires MAC address-to–VLAN mapping relationship be
configured on the authentication server. For detailed information, refer to 802.1x-HABP-MAC

Authentication

in H3C WX6103 Access Controller Switch Interface Board Configuration Guide.

The two configuration methods can be used at the same time, that is, you can configure a MAC
address-to-VLAN entry on both the local device and the authentication serer at the same time. Note that
the MAC address-to-VLAN entry configuration takes effect only when the configuration on the local
device is consistent with that on the authentication server.

Configuring a MAC Address-Based VLAN

MAC address-based VLANs are available only on Hybrid ports.

Follow these steps to configure a MAC address-based VLAN:

To do...

Use the command...

Remarks

Enter system view

system-view

Associate MAC addresses with
a VLAN

mac-vlan mac-address

mac-addr vlan

vlan-id

[ priority priority ]

Required

Enter Ethernet
interface view

interface interface-type
interface-number

Enter
Ethernet
interface
view or port
group view

Enter port group
view

port-group

{ manual port-group-name |

aggregation agg-id

}

Use either command.
The configuration performed in
Ethernet interface view applies to
the current port only; the
configuration performed in port
group view applies to all the ports
in the port group.

Configure the link type of the
port(s) as hybrid

port link-type

hybrid

Required

Configure the current hybrid
port(s) to permit packets of
specific MAC address-based
VLANs

port hybrid

vlan vlan-id-list { tagged |

untagged

}

Required
By default, a hybrid port only
permits the packets of VLAN 1.

Enable MAC address-based
VLAN

mac-vlan enable

Required
Disabled by default

See also other documents in the category H3C Technologies Routers: