beautypg.com

1 solving the problem, Solving the problem -47 – Enterasys Networks 2200 User Manual

Page 309

background image

Example 8, Locking a MAC Address to a Port Using Classification Rules

VLAN Operation and Network Applications

12-47

12.19.1 Solving the Problem

Switch S1 needs to be configured with two 802.1Q VLANs. Since the switch, by default, already
has one VLAN created (the Default VLAN), only one new VLAN will need to be created. In this
example, the new VLAN will be named the Red VLAN.

The objective here is to configure S1 so that when it receives a frame on Port 1 from MAC address
00.00.00.00.00.0A, the frame is classified into the Red VLAN. When S1 receives a frame on Port
1 from a MAC address other than 00.00.00.00.00.0A, the frame is associated with the Default
VLAN. To accomplish this, S1 is configured so that the frames originating from the Red VLAN
are eligible to be forwarded out the desired ports. The frames associated with the Default VLAN
are not forwarded to any ports and are discarded by S1. Frames received on Port 2 will be handled
in the same way except that S1 will only allow frames with the MAC address 00.00.00.00.00.0B
frames to be forwarded out the desired ports and discard all other frames received on Port 2 that
are not MAC address 00.00.00.00.00.0B frames.

This is accomplished using

the Device VLAN Configuration screen to create one VLAN, which will be named Red
VLAN in this example,

the VLAN CLassification Configuration screen to create two src MAC address classification
rules and assign them to the appropriate new VLAN, and

the Protocol Port Configuration screen to assign the new classification rules to Ports 1 and 2
and add the new VLANs to their port VLAN forwarding list.

Switch 1

To secure Port 1, Switch 1 is configured as follows:

1. To create the Red VLAN, the following settings are entered using the Device VLAN

Configuration screen:

VLAN ID: 2

FID: 2

VLAN NAME: VLAN A

ADD VLAN A to the Module VLAN list.

2. To assign Port 1 and 2 to the Red VLAN, the following settings are entered using the Port

Assignment Configuration screen.

Port 1 – Port Mode: HYBRID; VLAN ID: 2; FID: 2; VLAN NAME: Red VLAN

Port 2 – Port Mode: HYBRID; VLAN ID: 2; FID: 2; VLAN NAME: Red VLAN

No other ports are assigned to the Red VLAN.