Configuration Guide
166
Configuring MAC VLAN
Overview
1
Overview
VLAN is generally divided by ports. This way of division is simple but isn’t suitable for those
networks that require frequent topology changes. With the popularity of mobile office, a
terminal device may access the switch via different ports. For example, a terminal device
that accessed the switch via port 1 last time may change to port 2 this time. If port 1 and
port 2 belong to different VLANs, the user has to re-configure the switch to access the
original VLAN. Using MAC VLAN can free the user from such a problem. It divides VLANs
based on the MAC addresses of terminal devices. In this way, terminal devices always
belong to their original VLANs even when their access ports change.
The figure below shows a common application scenario of MAC VLAN.
Figure 1-1
Common Application Scenario of MAC VLAN
Meeting Room 1
Laptop A
Laptop B
Meeting Room 2
Switch 3
Switch 1
Switch 2
Server B
VLAN 20
Server A
VLAN 10
Two departments share all the meeting rooms in the company, but use different servers
and laptops. Department A uses Server A and Laptop A, while Department B uses Server
B and Laptop B. Server A is in VLAN 10 while Server B is in VLAN 20. It is required that
Laptop A can only access Server A and Laptop B can only access Server B, no matter which
meeting room the laptops are being used in. To meet this requirement, simply bind the MAC
addresses of the laptops to the corresponding VLANs respectively. In this way, the MAC
address rather than the access port determines the VLAN each laptop joins. Each laptop
can access only the server in the VLAN it joins.