Menu

#15 Changing a vlan, while PC is still connected

open
nobody
None
5
2005-10-28
2005-10-28
Petunia Hero
No

I recently upgraded from 1.0 to 1.3. One change I
found was that if a switch reconfirms and the vmps is
configured to hand out a different vlan for a port than
what is already assigned to that port, the vmps
responds with a DENY for that port:

Here is my config:

vmps domain ungoliant
vmps mode open
vmps fallback default
vmps no-domain-req deny
vmps-mac-addrs
address 00d0.b7b3.6516 vlan-name VLAN0103

Here is the log:

VQP Request
Unknown: 1
Request Type: 3
Response: 0
No. Data Items: 6
Sequence No.: 48
Client IP address: 10.2.1.54
Port name: Fa0/10
Vlan name: VLAN0102
Domain name: Ungoliant
MAC address: 00d0b7b36516
DENY: 00d0b7b36516 -> (null), switch 10.2.1.54 port Fa0/10

Is this the expected result? I think it's reasonable
that a VLAN would change while a PC is still connected
to the port.

Thanks for any help you can give!
Matthew Wilson
mwilson@uindy.edu

Discussion

  • Dori Seliskar

    Dori Seliskar - 2005-12-29

    Logged In: YES
    user_id=466942

    True - that behaviour has changed. I don't know what is
    correct here. Can somebody check what Cisco VMPS does in
    this situation - I don't have the possibility to check it
    myself.

    In meantime - if you want 1.0 behaviour in 1.3 simply lose
    last comparison in get_vlan around line 268:

    if (
    strcasecmp("",r->vlan) &&
    strcasecmp("--NONE--",r->vlan) &&
    strcasecmp(vlan_name,r->vlan)

    ) return 0;

    should read

    if (
    strcasecmp("",r->vlan) &&
    strcasecmp("--NONE--",r->vlan)

    ) return 0;

     

  • Spacefrog

    Spacefrog - 2006-04-20

    Logged In: YES
    user_id=1506309

    Hi folks,

    this problem is also bothering me...

    1) Dori's question:
    Cisco 6500 behavior is DENY when the VLAN changes

    2) The workaround in modifing line 268 did not work as
    wished. My OpenVMPS-Server showed a strange behavior with
    the "patched" vmpsd like:
    Apr 20 17:21:34 bbl1lit5 vmpsd: ALLOW: 000000000000 -> VMPS-
    GUEST, switch xxx.xxx.86.24 port Vl1

    Or valid members of the vmps.db are denied:

    Apr 20 17:20:20 bbl1lit5 vmpsd: DENY: 00b0d00db520 ->
    (null), switch xxx.xxx.86.34 port Fa0/24

    Are there other/better experiences ?

    OpenVMPS would be a value tool for my environment, but I
    can't implement it with this DENY feature/bug.

    Thanks for further investigations
    Magnus

     

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.