Dell FCX624-S Laptop User Manual


  Open as PDF
of 1494
 
PowerConnect B-Series FCX Configuration Guide 529
53-1002266-01
Configuration notes and feature limitations
15
When this feature is not enabled, the physical port is statically added to the hardware table,
regardless of the outcome of the authentication process. This feature prevents the addition of
un-authenticated ports to the VLAN table. For information about how to configure Dynamic
MAC-based VLAN, refer to “Configuring dynamic MAC-based VLAN” on page 536.
Configuration notes and feature limitations
The following guidelines apply to MAC-based VLAN configurations:
MAC-based VLAN is not currently supported for trunk ports and LACP.
MAC-based VLAN is not supported for VLAN groups, topology groups and dual-mode
configuration.
MAC-based VLAN is not supported together with ACLs or MAC address filters.
Dell PowerConnect devices do not support UDLD link-keepalives on ports with MAC-based
VLAN enabled.
Dell PowerConnect devices do not support STP BPDU packets on ports with MAC-based VLAN
enabled.
MAC-to-VLAN mapping must be associated with VLANs that exist on the switch. Create the
VLANs before you configure the MAC-based VLAN feature.
Ports participating in MAC-based VLANs must first be configured as mac-vlan-permit ports
under the VLAN configuration.
In the RADIUS server configuration file, a MAC address cannot be configured to associate with
more than one VLAN.
This feature does not currently support dynamic assignment of a port to a VLAN. Users must
pre-configure VLANs and port membership before enabling the feature.
Multi-device port authentication filters will not work with MAC-based VLANs on the same port.
The following table describes the CLI commands used to configure MAC-based VLANs.
TABLE 88 CLI commands for MAC-based VLANs
CLI command Description CLI level
mac-auth mac-vlan enable Enables per-port MAC-based VLAN Interface
mac-auth mac-vlan disable Disables per-port MAC-based VLAN interface
mac-auth mac-vlan-dyn-activation Enables Dynamic MAC-based VLAN global
no mac-auth mac-vlan-dyn-activation Disables Dynamic MAC-based VLAN global
no mac-auth mac-vlan Removes the MAC-VLAN configuration from the
port
interface
mac-auth mac-vlan max-mac-entries
<num of entries>
The maximum number of allowed and denied
MAC addresses (static and dynamic) that can be
learned on a port. The default is 2.
interface
mac-auth mac-vlan <mac-addr>
vlan <vlan id> priority <0-7>
Adds a static MAC-VLAN mapping to the
MAC-based VLAN table (for static hosts)
interface
clear table-mac-vlan Clears the contents of the authenticated MAC
address table
global
clear table-mac-vlan ethernet <port> Clears all MAC-based VLAN mapping on a port global