Configuring Universal Network Profiles Interaction With Other Features
OmniSwitch AOS Release 7 Network Configuration Guide June 2013 page 27-23
Interaction With Other Features
This section contains important information about how Universal Network Profile (UNP) functionality
interacts with other OmniSwitch features. Refer to the specific chapter for each feature to get more
detailed information about how to configure and use the feature.
Virtual Network Profiles
A Virtual Network Profile (vNP) refers to a UNP that is configured for machine classification, in particu-
lar virtual machines. This type of UNP will classify virtual machines in the same manner as any other
device connected to a UNP port.
Once a virtual machine is assigned to a vNP, VM traffic is bound to the VLAN or SPB service as defined
by the profile. In addition, any QoS policies associated with the profile are also applied to the VM traffic.
See “Device Authentication and Classification” on page 27-13 for more information.
For more information about virtual machine classification, see Chapter 4, “Virtual Machine Classifica-
tion,” in the OmniSwitch AOS Release 7 Data Center Switching Guide.
Learned Port Security
• The UNP and Learned Port Security (LPS) features are supported on the same port with the following
conditions:
> When LPS is enabled or disabled on a UNP port, MAC addresses already learned on that port are
flushed.
> When both LPS and UNP are enabled on the same port, UNP first authenticates and classifies any
MAC addresses received, then LPS rules are applied. If a MAC address violates any of the LPS
rules for the port, the address may get filtered or the port violated even if UNP initially determined
the address was valid. In other words, LPS rules take precedence over UNP to determine if a MAC
address is bridged or filtered on the port.
> If UNP classifies a MAC address as learning but LPS learns the address as filtering, an untagged
packet will show as filtering in the default VLAN for the port and a tagged packet MAC will show
as filtering in the specific tagged VLAN.
> When a MAC address is filtered by LPS, the show unp user command will display “LPS-Blocked”
as the classification source for that MAC address.
• There are some LPS commands and command options that are not supported on UNP ports. For more
information about these exceptions and other conditions for using UNP and LPS on the same port, see
Chapter 39, “ Learned Port Security Commands,” in the OmniSwitch CLI Reference Guide.
To Next Page
Loading...
Need help?
General