This is a perfect opportunity for me to learn something. What aspects/advantages of using MAC based VLAN assignments were causing you to consider using it? Considering in a large organization (5000+ IP devices... and that's not "large" to some people =) using MAC based VLAN assignment sounds like an administrative nightmare..... Hell, port-based VLAN assignment is a pain enough sometimes =)
Sometimes I just wanna thrown everything into ONE BIG BROADCAST DOMAIN and be done with it.... even setup all WAN routers to bridge instead of route.... Mmmmmmm...... Mike W. "Kelly Cobean" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I've never heard the term "MAC-based VLAN" before. Is this a reference to > the use of VMPS? We considered doing VMPS for MAC based VLAN assignments, > but ran into several issues, one of which was the fact that we have Cat3548 > clusters that, while there are as many as 9 switches in the cluster, have > only one IP address for the stack. The VMPS protocol specifies that when an > access switch sends a VMPS request to the VMPS server, it identifies itself > using it's own IP address and the port# that the device is trying to connect > to. With a building of over 800 employees, managing this type of system > would be pretty intensive because you need the MAC address of EVERY PC in > the building that you desire to assign to a VLAN, typically with unkown's > going into the "fallback" VLAN. > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Howard C. Berkowitz > Sent: Tuesday, April 16, 2002 11:02 AM > To: [EMAIL PROTECTED] > Subject: Re: Whats going to happen ? [7:41572] > > > >Personally, I've never come across a situation where MAC-based VLANs were > >useful..... Port-based membership is more practical/common. You can always > >enforce port-security based on MAC address, but still have the same problem > >with regard to if someone changes their NIC, it'll require a call to you to > >change things up to make them work. > > > >Mike W. > > I agree they aren't that useful, but they are in fairly common use > with DSL and cable providers, who use the modem/router MAC address as > a primitive form of security. And yes, equipment changes do cause > problems. > > > > >"Irwan Hadi" wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >> Dear All, > >> > >> Suppose that I create a MAC based VLAN with for example 100 computers. > >> All of these computers either will get IP from the DHCP for the > >> 10.0.1.0/24 IP block, or they can hard wired their own IP provided that > >> the IP is their own, and it is in the 10.0.1.0/24 subnet. > >> > >> Now suppose one person changes his NIC at his computer. This of course > >will > >> makes > >> the switch won't recognize his new MAC address, and hard wired his IP to > >> the one at 10.0.1.0/24. > >> > >> My question is will his connection get bumped out from the network ? > >> > > > Thanks > > > -- > "What Problem are you trying to solve?" > ***send Cisco questions to the list, so all can benefit -- not > directly to me*** > **************************************************************************** > **** > Howard C. Berkowitz [EMAIL PROTECTED] > Chief Technology Officer, GettLab/Gett Communications > http://www.gettlabs.com > Technical Director, CertificationZone.com http://www.certificationzone.com > "retired" Certified Cisco Systems Instructor (CID) #93005 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41659&t=41572 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
