Filter
Top Products
PowerConnect B-Series FCX Configuration Guide 533
53-1002266-01
Configuring MAC-based VLANs
15
Aging for MAC-based VLAN
The aging process for MAC-based VLAN works as described below.
For permitted hosts
For permitted hosts, as long as the Dell PowerConnect device is receiving traffic aging does not
occur. The age column in the output of the show table-mac-vlan command displays Ena or S
<num>. If the Dell PowerConnect device stops receiving traffic, the entry first ages out from the
MAC table (in the hardware) and then the aging cycle for MAC-based VLAN begins. Aging in the
MAC-based VLAN continues for 2 minutes (the default is 120 seconds) after which the MAC-based
VLAN session is flushed out.
For blocked hosts
For blocked hosts, as long as the Dell PowerConnect device is receiving traffic, aging does not
occur. In the output of the show table-mac-vlan command, the age column displays H0 to H70, S0,
and H0 to H70, etc. Aging of the MAC-based VLAN MAC occurs in two phases: hardware aging and
software aging. The hardware aging period can be configured using the mac-authentication
hw-deny-age command in config mode. The default is 70 seconds. The software aging time for
MAC-based VLAN MACs can be configured using the mac-authentication max-age command. When
the Dell PowerConnect device is no longer receiving traffic from a MAC-based VLAN MAC address,
the hardware aging period begins and lasts for a fixed length of time (default or user-configured).
TABLE 90 Dell vendor-specific attributes for RADIUS
Attribute name Attribute ID Data type Optional or
mandatory
Description
Foundry-MAC-based
VLAN-QoS
8 decimal Optional The QoS attribute specifies the priority of the
incoming traffic based on any value between 0
(lowest priority) and 7 (highest priority). Default
is 0.
Foundry-802_1x-en
able
6 integer Optional Specifies whether 802.1X authentication is
performed when MAC-based VLAN is successful
for a device. This attribute can be set to one of
the following:
0 - Do not perform 802.1X authentication on a
device that passes MAC-based VLAN. Set the
attribute to zero (0) for devices that do not
support 802.1X authentication.
1 - Perform 802.1X authentication when a
device passes MAC-based VLAN. Set the
attribute to one (1) for devices that support
802.1X authentication.
Foundry-802_1x-val
id
7 integer Optional Specifies whether the RADIUS record is valid
only for MAC-based VLAN, or for both
MAC-based VLAN and 802.1X authentication.
This attribute can be set to one of the following:
0 - The RADIUS record is valid only for
MAC-based VLAN. Set this attribute to zero (0) to
prevent a user from using their MAC address as
username and password for 802.1X
authentication
1 - The RADIUS record is valid for both
MAC-based VLAN and 802.1X authentication.