[OpenVMPS-devel] Changing VLANs while the host is connected
Brought to you by:
dori_seliskar
Menu
▾
▴
[OpenVMPS-devel] Changing VLANs while the host is connected
|
From: Matthew W. <mw...@ui...> - 2005-11-02 19:46:04
|
Hello! First off, thanks so much to the writers of OpenVMPS, we've been able to do wonderful things with it for the past couple years (~2,000 clients). We use OpenVMPS to help us quarentine virus infected hosts. Problem is, when we find an infected host, change the vlan in the config and reconfirm the switch while the PC is still connected, the vmps sends a DENY message. However, if I disconnected the host from the switch, and reconnect, it gets the appropriate vlan. This behavior only became a problem when we upgraded from 1.0 to 1.3. In 1.0, the vmps would send an ALLOW message along with the correct new vlan. Here is my config: ================================== vmps domain ungoliant vmps mode open vmps fallback default vmps no-domain-req deny vmps-mac-addrs address 00d0.b7b3.6516 vlan-name VLAN0103 Here is the log in v1.3: ================================== VQP Request Unknown: 1 Request Type: 3 Response: 0 No. Data Items: 6 Sequence No.: 48 Client IP address: 10.2.1.54 Port name: Fa0/10 Vlan name: VLAN0102 Domain name: Ungoliant MAC address: 00d0b7b36516 DENY: 00d0b7b36516 -> (null), switch 10.2.1.54 port Fa0/10 And now the log (using the same config) using v1.0: ================================== VQP Request Unknown: 1 Request Type: 3 Response: 0 No. Data Items: 6 Sequence No.: 40 Client IP address: 10.2.1.54 Port name: Fa0/10 Vlan name: VLAN0102 Domain name: Ungoliant Vlan name: VLAN0102 MAC address: 00d0b7b36516 ALLOW: 00d0b7b36516 -> VLAN0103, switch 10.2.1.54 port Fa0/10 Is this the expected result? I think it's reasonable that a VLAN could change while a PC is still connected to the port. Is this configurable? Thanks for any help you can give! Matthew |
