dynamic VLANs for many switches

PENZ Robert ROBERT.PENZ at tirol.gv.at
Thu Jun 10 13:26:38 CEST 2010


Hi!

We've a quite big network and I want to assign VLANs dynamically based on the MAC address, as backend I want to uses a SQL database.  My problem now is that the VLAN IDs on different access switch stacks (used Layer2 switches) are different for the same network area,  e.g. on switch1  vlan 123 is used for printers and on switch2 vlan124 is used for printers. The reason for this is the Layer3 switch (which we use as a distribution switch of the building) needs to be part of all VLANs and we can't use one VLAN for a building as the subnet would get too big.  A other requirement is that a device can roam between different access switches(=floors and buildings), so the VLAN the switch port should get set needs to be different, based on which switch is making the request.

This problem is easily solvable if I can use VLAN names in Tunnel-Private-Group-ID tags, as I would set the name always e.g. to printervlan. But in RFC 3580 is written:

   Note that the VLANID is 12-bits, taking a value between 1 and 4094,
   inclusive.  Since the Tunnel-Private-Group-ID is of type String as
   defined in [RFC2868], for use with IEEE 802.1X, the VLANID integer
   value is encoded as a string.

So what is the recommended solution if I can use only the numerical IDs. Thx for your help!


Mit freundlichen Grüßen
Robert Penz

----------------------------------------------------
Dipl. Inf. Robert Penz
DVT-Daten-Verarbeitung-Tirol GmbH
Adamgasse 22, 6020 Innsbruck
Tel: +43 512 508 3334 / Fax: +43 512 508 3355
eMail: robert.penz at tirol.gv.at





More information about the Freeradius-Users mailing list