Chapter 8
Configuring VLANs
How the VMPS Works
Dynamic Port VLAN Membership
A dynamic (nontrunking) port on the switch can belong to only one VLAN. When
the link comes up, the switch does not forward traffic to or from this port until the
VMPS provides the VLAN assignment. The VMPS receives the source MAC
address from the first packet of a new host connected to the dynamic port and
attempts to match the MAC address to a VLAN in the VMPS database.
If there is a match, the VMPS sends the VLAN number for that port. If the client
switch was not previously configured, it uses the domain name from the first VTP
packet it receives on its trunk port from the VMPS. If the client switch was
previously configured, it includes its domain name in the query packet to the
VMPS to obtain its VLAN number. The VMPS verifies that the domain name in
the packet matches its own domain name before accepting the request and
responds to the client with the assigned VLAN number for the client.
If there is no match, the VMPS either denies the request or shuts down the port
(depending on the VMPS secure mode setting). For more information on possible
VMPS responses, see the
"How the VMPS Works" section on page
8-52.
Multiple hosts (MAC addresses) can be active on a dynamic port if they are all in
the same VLAN; however, the VMPS shuts down a dynamic port if more than 20
hosts are active on the port.
If the link goes down on a dynamic port, the port returns to an isolated state and
does not belong to a VLAN. Any hosts that come online through the port are
checked again with the VMPS before the port is assigned to a VLAN.
Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide
8-53
78-6511-05