Menu
▾
▴
Re: [Packetfence-users] Support for multiple devices (MAC's) under a switch port
|
From: Aaron . <au...@gm...> - 2010-12-23 00:14:27
|
Hi Everyone i would like to know if this mail has an answer Regards 2010/11/10 Hsin-mu Tsai <hs...@cs...> > Hi, > > We are currently evaluating whether it is possible to use packetfence > in our environment. I have done some research on the maillist but > couldn't find an exact answer. > > Here is a short version of my question: does packetfence support the > use case of having multiple devices (MAC addresses) under one switch > port (in vlan mode)? > > Let me know explain a little bit more about our environment. Our core > switch and access switches are mostly cisco (3750 and 2960) ones, > which are supported by packetfence according to the documentation. > However, the problem is that when the network cables are deployed > throughout our building, each laboratory in our department only gets 3 > cables (and, hence, 3 ports on the access switch). This is obviously > not enough for the lab as they usually have 10-20 devices, and have > their own unmanaged small switches. An obvious solution would be to > renew the cable infrastructure and add more access switches, but we > currently don't have the budget to do so. Hence, the multiple MAC > addresses under one switch port problem. > > We want to implement a basic registration mechanism, so that all > devices on our network are associated with a user in our department > and if new devices without registration are plugged in they will be > blocked. The registration process doesn't have to be done on the new > device since we can ask the user to register new ones using an already > registered computer or submit the request to the network administrator > via e-mail. Can packetfence simply add registered devices to the > secure MAC address list and increase the maximum allowed MAC on the > switch? (and therefore, the switch will block any unregistered new > devices) As for isolation, since all devices on the same switch port > belong to the same lab, it is okay to put all of them to the isolation > vlan if there's a violation from any of those devices. > > We understand that the feature we are interested in might need some > modifications to the current version of packetfence. If that is the > case, where do we start? > > Since we are obviously very new to packetfence, we would appreciate > any advice to our particular use case. Looking forward to hearing from > you guys. Many thanks. > > Best wishes, > -Michael > > -- > Hsin-Mu (Michael) Tsai > Assistant Professor > Department of Computer Science and Information Engineering/ > Graduate Institute of Networking and Multimedia > National Taiwan University > E-Mail: hs...@cs... > Office: +886-2-33663366 ext 50029 or +886-2-33664888 ext 316 > > > ------------------------------------------------------------------------------ > Centralized Desktop Delivery: Dell and VMware Reference Architecture > Simplifying enterprise desktop deployment and management using > Dell EqualLogic storage and VMware View: A highly scalable, end-to-end > client virtualization framework. Read more! > http://p.sf.net/sfu/dell-eql-dev2dev > _______________________________________________ > Packetfence-users mailing list > Pac...@li... > https://lists.sourceforge.net/lists/listinfo/packetfence-users > |
