|
|
You can use the UserTracking application to manage dynamic VLANs using the VLAN Management Policy Server (VMPS). The UserTracking application also allows you to update the port mapping information located in the VMPS server.
This chapter describes the following topics:
VMPS allows you to assign a switch port to a VLAN dynamically, based on the source Media Access Control (MAC) address of the host connected to the port. With dynamic ports, you can move a host from a port on one switch to a port on another switch in the network. The port to which you connect the host will then be assigned to the proper VLAN. You must have at least one Catalyst 5000 switch running VMPS in each network domain in which you use dynamic ports.
Dynamic ports work in conjunction with VMPS servers, which contain the database of MAC-to-VLAN mappings. When the client is connected, a dynamic port is isolated from its static VLAN. The switch sends the source MAC address from the first packet of a new host on the dynamic port to the VMPS server, which provides the VLAN number to which this port must be assigned.
Multiple hosts (MAC addresses) can be active on a dynamic port if they are all in the same VLAN. When the client is disconnected, a dynamic port moves back to a state in which it is isolated from other VLANs, and the port ends in its initial state.
The VMPS mapping information you specify in the UserTracking application is used only when you connect an end-user node to a dynamic port. When you connect an end-user node to a static port, the node is connected to the VLAN that is statically associated with that port. The UserTracking information about MAC-to-VLAN mappings does not apply to these nodes, but basic identification and location information about the nodes is displayed in the UserTracking application.
Table 3-1 is a quick overview of dynamic VLAN management in your network. For a more detailed description refer to these sections.
| Task Description | Configuration Tools | Section |
|---|---|---|
Configure the VMPS database file and enable the VMPS server on the Catalyst switch. | Command Line Interface, FTP, CiscoView | |
Specify login information for one or more TFTP servers, review or enter new configuration information that is not generated by UserTracking, and update the TFTP servers. | UserTracking application | |
Select which VTP domains to update the VMPS servers and update the servers. | UserTracking application |
You can use CiscoView or the command-line interface to configure the VMPS server. To configure the VMPS server, follow these steps:
Step 1 Create a VMPS database file on the TFTP server home directory.
You can specify any filename. The default name the VMPS server requests is vmps-config-database.1.
The minimum information that you must place in the file is as follows:
vmps domain domain_name vmps mode open vmps fallback backup_vlan
The domain name must match the switch VTP domain. The backup VLAN should be the VLAN that you want users placed in if the VMPS server receives a mapping request for a MAC address that is not in the table.
Step 2 Enable the VMPS server on a Catalyst switch:
set vmps tftpserver ip_address set vmps state enable
Step 3 Set the IP address of the VMPS client which your dynamic ports will reside on:
set vmps server ip_address
Step 4 To see which server is primary or backup, enter the following command:
show vmps
Step 5 Repeat Step 3 for other Catalyst switches that are VMPS clients in your domain.
You are now ready to create dynamic VLANs in your network. For instructions see the "Configuring TFTP Information" section.
For more information, refer to "Configuring Dynamic Port VLAN Membership with VMPS" in the Catalyst 5000 Series Software Configuration Guide.
When you download the UserTracking information to VMPS, you send configuration information stored in the CWSI Campus database to one or more VMPS servers. However, because UserTracking cannot download to a VMPS server directly, it uses an intermediate TFTP server, and an FTP server to transfer this information. Therefore, to download to a VMPS server, you need to do the following tasks:
To update the TFTP servers, complete the following tasks:
To update the TFTP server, follow these steps:
Step 1 Select Action>Configure TFTP Servers from the UserTracking main window.
The TFTP Configuration window opens (Figure 3-1). The VTP domains for where you might access TFTP and VMPS information are displayed in the Select Domain list.
Step 2 Select a VTP domain from the Select Domain list.
The TFTP Servers area displays the IP address or host name and default directory for each TFTP server that provides VMPS information to the selected domain.
Step 3 For each TFTP server you want to update, follow these steps:
(a) Enter the username for the FTP server in the Login Name field.
(b) Enter the password for the FTP server in the Login Password One field.
(c) Reenter the password for verification in the Login Password Two field.
(d) Enter the name of the directory to use for the TFTP file in the Directory field.
Step 4 Click Apply.
To discard all the information you have entered in the TFTP Servers area and restore the login information to its state when it was last downloaded or applied, click Restore.
Step 5 Click again on the VTP domain to display the configuration.
Step 6 Review and make any necessary changes in the displayed configuration file.
Any information you enter here will be written to the configuration file when you update the TFTP server.
Step 7 Click Apply to save the displayed configuration within UserTracking.
Click Restore to discard all the information you have entered in the TFTP Groups and Port Restrictions area and restore the configuration information to its state when it was last downloaded or applied.
Step 8 Click Download to download the configuration to the TFTP servers in the selected domain.
To update TFTP servers in other VTP domains, repeat Step 2 through Step 8.
Step 9 Click Close.
The TFTP configuration file has two groups of information:
The UserTracking application generates MAC-to-VLAN information from the UserTracking data stored in the CWSI Campus database. UserTracking acquires information from the network and from modifications and additions made by users from UserTracking.
You cannot modify the contents of the MAC-to-VLAN mappings that UserTracking creates. If you want to examine the mappings that UserTracking generates, you can view the file on the TFTP server after you download it to the TFTP server from UserTracking.
The UserTracking application does not generate or modify the Groups and Ports Restrictions information. UserTracking reads this information from the TFTP servers in your network and displays it in the text area of the Configure TFTP Servers window.
You can modify this information and then click the Apply button at the bottom of the window. When you click Apply the UserTracking client sends the changes you have made to the ANI server. Clicking Apply does not update the TFTP server. To have UserTracking build a mapping file with MAC-to-VLAN mappings and Group and Port Restrictrions information and send it to the TFTP server, click Download.
After you update the TFTP servers with the current configuration information, you can update the VMPS servers.
To update the VMPS servers, follow these steps:
Step 1 Select Action>Update VMPS Servers from the UserTracking main window.
The Update VMPS Servers window opens (Figure 3-2).
Step 2 Select the VTP domains where you want to update VMPS servers.
Step 3 Click Update to update the selected VMPS servers from the TFTP server.
The UserTracking application sends a message to each of the VMPS servers in the domains you selected instructing the VMPS server to retrieve the mapping file from its TFTP server.
Posted: Thu Sep 30 12:05:28 PDT 1999
Copyright 1989-1999©Cisco Systems Inc.