Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
Configure Media Access Control (MAC)-Based Virtual Local Area Network (VLAN) Groups on a Switch
A Virtual Local Area Network (VLAN) allows you to logically segment a Local Area Network (LAN) into different broadcast domains. In scenarios where sensitive data may be broadcast on a network, VLANs can be created to enhance security by designating a broadcast to a specific VLAN. Only users that belong to a VLAN are able to access and manipulate the data on that VLAN. VLANs can also be used to enhance performance by reducing the need to send broadcasts and multicasts to unnecessary destinations.
Networking devices on which multiple protocols are running cannot be grouped to a common VLAN. Non-standard devices are used to pass traffic between different VLANs in order to include the devices participating in a specific protocol. For this reason, the user cannot take advantage of the many features of VLAN.
VLAN groups are used to load balance the traffic on a Layer 2 network. The packets are distributed with respect to different classifications and are assigned to VLANs. Many different classifications exist, and if more than one classification scheme is defined, the packets are assigned to the VLAN in this order:
Tag — The VLAN number is recognized from the tag.
MAC-Based VLAN — The VLAN is recognized from the source Media Access Control (MAC)-to-VLAN mapping of the ingress interface.
Subnet-Based VLAN — The VLAN is recognized from the source Subnet-to-VLAN mapping of the ingress interface. To learn how to configure this feature, click here for instructions.
Protocol-Based VLAN — The VLAN is recognized from the Ethernet type Protocol-to-VLAN mapping of the ingress interface.
PVID — VLAN is recognized from the port default VLAN ID.
The MAC-based VLAN classification enable packets to be classified according to their source MAC address. You can then define MAC-to-VLAN mapping per interface. You can also define several MAC-based VLAN groups, which each group containing different MAC addresses. These MAC-based groups can be assigned to specific ports or LAGs. MAC-based VLAN groups cannot contain overlapping ranges of MAC addresses on the same port.
This article provides instructions on how to configure MAC-Based groups on a switch.
1.4.7.05 – Sx500 Series
184.108.40.206 – Sx350 Series, Sx350X Series, Sx550X Series
Configure MAC-Based VLAN Groups on the Switch
Add MAC-Based VLAN Group
Step 1. Log in to the web-based utility and chooseAdvanced from the Display Mode drop-down list.
Note: If you have an Sx500 Series switch, skip to Step 2.
Step 2. Choose VLAN Management >VLAN Groups > MAC-Based Groups.
Note: The available menu options may vary depending on the device model. In this example, SG350X-48MP is used.
Step 3. In the MAC-Based Group Table, click Add.
Step 4. Enter the MAC address to be assigned to a VLAN group. This MAC address cannot be assigned to any other VLAN group.
Note: In this example, 0a:1b:2c:4d:5e:6f is used.
Step 5. Click the radio button that corresponds to the method you want to use to define the Prefix Mask. The prefix mask looks at a certain number of bits and then assigns the MAC address to a VLAN group.
The options are:
Host — The entire MAC address is looked at and put into a group. You can only group MAC addresses one at a time when you use host. If this option is chosen, skip to Step 7.
Length — Only a section of the MAC address is looked at (from left to right) and then placed in a group. The lower the length number, the fewer bits are looked at. This means you can assign a large number of MAC addresses to a VLAN group at once. If this option is chosen, enter the length of the prefix mask in the Length field.
Note: In this example, Length is chosen and 12 is used.
Step 6. In the Group ID field, enter an ID to identify the MAC-Based VLAN group.