Alcatel Carrier Internetworking Solutions Switch/Router AutoTracker VLANs

AutoTracker VLANs

Page 22-3

AutoTracker VLANs

AutoTracker VLANs enable you to control communications between end stations in your

network. You define policies that determine membership in the VLAN and AutoTracker auto-

matically locates ports or devices within the Group that fit the policies and places them into

the VLAN.

You can define physical policies or logical policies (or combinations thereof) to determine

membership in AutoTracker VLANs. Physical policies consist of port rules: you define the

VLAN members as one or more specific ports and VLAN membership is limited to the ports

defined and the MAC addresses of devices connected to those ports.

Logical VLAN policies can consist of MAC address rules, protocol rules, network address rules,

or user-defined rules. Ports are assigned to VLANs that have logical rules when the MPX exam-

ines frames that originate from devices connected to the Group’s set of ports. If a frame is

received that matches a logical VLAN rule, the source device’s MAC address and the port to

which the source device is connected are both made VLAN members.

The members of an AutoTracker VLAN thus consist of source devices originating frames that

fit the VLAN’s policies and the ports to which those source devices are connected. Instruc-

tions for creating AutoTracker VLANs begin on page 22-16.

You can define a maximum of 32 AutoTracker policies of each type per Group. There is no

restriction on the number of rules you can define per VLAN, as long as the maximum number

of policies for the Group is not exceeded.

A switch port – or a device connected to a switch port – can belong to more than one VLAN

simultaneously, as determined by the rules the port or device matches. A port or device is

included in a VLAN if it matches any one rule.

You can define the following types of rules:

Port Policies. Port policies enable you to define membership in the VLAN on the basis of ports.

Members of the VLAN will consist of devices connected to specific ports on one switch or on

multiple switches in the Group.

MAC Address Policies. MAC address policies enable you to define membership in the VLAN on

the basis of devices’ MAC addresses. This is the simplest type of rule and provides the maxi-

mum degree of control and security. Members of the VLAN will consist of devices with

specific MAC addresses. These devices may all be connected to one switch or they may be

connected to different switches in the Group. A maximum of 10,240 MAC addresses are

supported per policy.

Protocol Policies. Protocol policies enable you to define membership in the VLAN on the basis

of the protocol that devices use to communicate. All devices that communicate with the speci-

fied protocol become members of the VLAN.

You can specify VLAN membership according to the following protocols: IP, IPX, AppleTalk,

or DECNet. In addition, you can specify membership according to Ethernet type, source and

destination SAP (service access protocol) header values, or SNAP (sub-network access proto-

col) type.