119
1. 8 7 7. 8 7 7. 2 2 6 9 BLACKBOX.COM
NEED HELP?
LE AVE THE TECH TO US
LIVE 24/7
TECHNICAL
SUPPORT
1.8 7 7. 8 7 7. 2 26 9
3.16 V C L
3.16.1 MAC-BASED VLAN
MAC address-based VLAN decides the VLAN for forwarding an untagged frame based on the source MAC address of the frame.
The most common way of grouping VLAN members is by port, hence the name port-based VLAN. Typically, the device adds the
same VLAN tag to untagged packets that are received through the same port. Later on, these packets can be forwarded in the
same VLAN. Port-based VLAN is easy to configure, and applies to networks where the locations of terminal devices are relatively
fixed. As mobile office and wireless network access gain more popularity, the ports that terminal devices use to access the
networks are very often non-fixed. A device may access a network through Port A this time, but through Port B the next time. If Port
A and Port B belong to different VLANs, the device will be assigned to a different VLAN the next time it accesses the network. As
a result, it will not be able to use the resources in the old VLAN. On the other hand, if Port A and Port B belong to the same VLAN,
after terminal devices access the network through Port B, they will have access to the same resources as those accessing the
network through Port A do, which brings security issues.To provide user access and ensure data security in the meantime, MAC-
based VLAN technology is used.
MAC-based VLANs group VLAN members by MAC address. With MAC-based VLAN configured, the device adds a VLAN tag
to an untagged frame according to its source MAC address. MAC-based VLANs are mostly used in conjunction with security
technologies such as 802.1X to provide secure, flexible network access for terminal devices.
WEB INTERFACE
To configure MAC address-based VLAN configuration in the web interface:
1. Click VLC, MAC-based VLAN configuration and add new entry.
2. Specify the MAC address and VLAN ID.
3. Click Apply.
FIGURE 3-71. MAC-BASED VLAN MEMBERSHIP CONFIGURATION SCREEN
Parameter description:
Delete: To delete a MAC-based VLAN entry, check this box and press save. The entry will be deleted on the selected switch in the
stack.
MAC Address: Indicates the MAC address.
VLAN ID: Indicates the VLAN ID.
Port Members: A row of check boxes for each port is displayed for each MAC-based VLAN entry. To include a port in a MAC-based
VLAN, check the box. To remove or exclude the port from the MAC-based VLAN, make sure the box is unchecked. By default, no
ports are members, and all boxes are unchecked.
CHAPTER 3: SYSTEM CONFIGURATION
To Next Page
Loading...
