Enabling MAC authentication multi-VLAN mode

The MAC authentication multi-VLAN mode enables a port to forward packets for an authenticated user in up to five VLANs without re-authentication. When the port receives a packet sourced from the authenticated MAC address in a different VLAN, the device neither re-authenticates the user nor updates the original MAC-VLAN mapping. A new MAC-VLAN mapping is created for the MAC address.

This feature improves transmission of data that is vulnerable to delay and interference. It is applicable for scenarios where a user will send various types of traffic in multiple VLANs.

To enable MAC authentication multi-VLAN mode:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

N/A

3. Enable MAC authentication multi-VLAN mode.

mac-authentication host-mode multi-vlan

By default, this feature is disabled on a port. The port forwards packets for an authenticated user only in the VLAN where the user is authenticated.