Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Dynamic Vlan

Status
Not open for further replies.

shetoshandasa

Instructor
Dec 25, 2008
17
EG
Hi again,

i know that there are two methods for VLANs , either Static or Dynamic.

Considering the dynamic one , we mainly use VMPS server method which depends on a database file in the server links the mac address to the appropriate VLAN.

But as we know it takes along time for the administrator to fill this database if we have an enterprise of 500 user for example.

Is there any other dynamic Vlan method(based on mac address ) other than VMPS to direct each PC to a specific VLAN ?

i means if user X logged on the network from any socket , he will be directed to his vlan.

this will be better instead of writing down 500 PC mac in the database.

Thanks in advance
 
i have tried alot to find another method , but found nothing !!

IS there any solution ?
 
I can read about them again (been a while since the CCNA stuff), but I think the use of dynamic vlans is rare. Any reason to not use static vlans? They are much more reliable, and you have more control. It takes the pc having to hunt for the database and the database to write back to the pc all out of the equation---just another thing in the way if a user loses connectivity---another troubleshooting step, etc, complicates things...

Burt
 
really i know that , i always used to use the static one in my work ..

now i'm in the ccnp track and a report about this type of dynamic VLANs is required..

it's to important also for my company to work on.

Hint :the dynamic VLANs are not declared in the CCNA and predefined in CCNP , so i can hardly find the VMPS method, but failedto find the second one which i mentioned before
 
They were in the CCNA track when I went through it all...I will look in my old notes then...

Burt
 
i means if user X logged on the network from any socket , he will be directed to his vlan."
How else would the database know what vlan to assign a certain pc to? IP address? 500 users---just as tedious.

"Hint :the dynamic VLANs are not declared in the CCNA and predefined in CCNP , so i can hardly find the VMPS method, but failedto find the second one which i mentioned before"

VMPS is barely mentioned in CCNP new track from what I see...I will look in my old CCNA cirriculum as soon as I find it...

Burt
 
it's ok .. thanks alot , i will try to do more searches too,
really thanks for your sharing.
 
OK---the only method mentioned is indeed VMPS. All that does is assign pc's to vlans according to MAC address. In order for a pc to belong to a vlan, you can either set up the VMPS server, enter all the MAC addresses into the database, and point the switch to the server...OR---make the access ports and plug the pc into that port. That's it---you decide. You can pay a lot of money and put CiscoWorks or Cisco ACS onto a RADIUS/TACACS+ server, or just do static vlans. To tell you the truth, I don't know why the dynamic method even exists...

Burt
 
That's right , the radius server is that which was required.

i found it 2 houres before you announce about it , but you made me sure.

its method or IDEA depends on a concept called AAA which stands for << Authentication , Authorization and accounting >>.

that means the radius database will allow a relation between
{use name and password} <--> {Vlan ID}
instead of
{MAC address} <--> {Vlan ID} in the VMPS Server.

the user will be allowed to logon his specified VLAN only if he entered the correct user name and password of his account
 
It seems like it would be a bad idea to have all of your user vlans on all your access layer switches to keep your hosts in their same subnets.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top