IP/MAC Based VLANs for dynamic host VLAN assignment

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
HI All,

I have come across this design a few times and I am not too sure what can be offered by our current switches.

The objective is simple: I have a user with static IP 192.168.10.2, they need to be automatically placed into VLAN 10 on the switch port due to their IP. If a user with IP address 192.168.20.3 connects to the same port, they need to be automatically placed into VLAN 20.

Netgear and HP refer to this as IP-Based VLANs and Cisco refers to it as Dynamic VLANs (MAC-based VLANS).

The packet header is inspected and based on the information, an action is performed from the switch or management plane (software) that would modify the port egress.

With what I have read, it seems that this can only be done via policies - whether on the EOS or XOS.
For my sake, let's remain on the EOS platform. To my understanding, a policy can be deployed to the switch, best case scenario by using Extreme Control - Policy manager.

I would like to confirm my thought, but more to confirm if IP based is possible ? IF IP is not possible, would MAC be possible, and if so, what would the recipe look like ? Would the Layer 3 license be a requirement or can this be done out of the box with Extreme Control ? What else is required ?

Appreciate your responses :)

Dewald
Photo of Dewald Botha

Dewald Botha

  • 674 Points 500 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of André Herkenrath

André Herkenrath, Employee

  • 1,942 Points 1k badge 2x thumb
You can do it on the switch with mac-based vlans and don't need anything else for that.

You simply configure netlogin with a local database (or a radius server if you like).

You'll find more information here:

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-Mac-based-Netlogin-with-t...

Best Regards
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,782 Points 10k badge 2x thumb
Hello Dewald,

you can use policies to assign traffic dynamically to specific VLANs. Policies can match on the source IP, that should enable IP based VLANs. The Policy Manager of Extreme Management (I think... the program formerly known as NetSight) enables you to do this easily. The switches need to support policies, but they do not need an advanced (routing / layer 3) license.

Best regards,
Erik
Photo of André Herkenrath

André Herkenrath, Employee

  • 1,942 Points 1k badge 2x thumb
Let's clarify this: 
My approach is working 100% on EXOS Switches, Eric's approach is working 100% on certain EOS Switches.
So if you decide which platform you will use, we can dive deeper in the possibilities...