suggestions for multiple vlans in hundreds of switches

Matt Ashfield mda at unb.ca
Thu Apr 19 21:10:22 CEST 2007 

Yeah, there's that too. We need to create  these vlans within the edge
switches as well. Once created, you shouldn't have to touch them again. 

 

Or you don't create them at the edge, and instead just create them in the
core, however that kind of kills the advantage of extending your vlans to
the edge.

 

Matt Ashfield
Network Analyst
Integrated Technology Services
University of New Brunswick
(506) 447-3033
mda at unb.ca

-----Original Message-----
From: robinson santos [mailto:robinson.a.s.santos at gmail.com] 
Sent: April 19, 2007 12:31 PM
To: mda at unb.ca; FreeRadius users mailing list
Subject: Re: suggestions for multiple vlans in hundreds of switches

 

Matt, how about the configuration that you have to have in the switch????

Can you Help me????

Robinson
robinson.a.s.santos at gmail.com

On 4/19/07, Matt Ashfield <mda at unb.ca> wrote:

Hi,

We'd like to use FR to assign users on our wired network to one of 30
different vlans on campus, based on an LDAP field. Currently, we are doing
this with huntgroups. Namely, we create a huntgroup for the NAS (in our 
case, a network switch), and then in the users file, we put the following:

DEFAULT Huntgroup-Name == mySWITCH1, Ldap-Group == staff
       User-Name=`%{User-Name}`,
       Tunnel-Private-Group-Id=176,
       Tunnel-Type=VLAN,
       Fall-Through = no

DEFAULT Huntgroup-Name == mySWITCH1, Ldap-Group == student
       User-Name=`%{User-Name}`,
       Tunnel-Private-Group-Id=177,
       Tunnel-Type=VLAN, 
       Fall-Through = no
And so on...for other groups of user like faculty, admin, etc..

This seems to work. The issue is scale. I have would conceivably have to
have a huntgroup definition in the huntgroups file for each NAS. And if I 
wanted 30 vlans, I'd have to have 30 definitions like the ones above in my
users file for EACH one of my NAS's.

I'm sure there's a simpler way of doing things that I'm missing. Any advice 
is appreciated.

Thanks


Matt
mda at unb.ca



-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070419/06f4a864/attachment.html>

More information about the Freeradius-Users mailing list