Device Online Help # Go back one pageGo to the next page#Go to this book's Index

About policy-based VLANs

A policy-based VLAN is a VLAN in which ports are dynamically added to the VLAN based on the traffic coming into the port.

In a policy-based VLAN on a Passport 8000 Series routing or edge switch, ports are designated as always a member or never a member of the VLAN. In addition, you can designate a port as a potential member of the VLAN on the 8000 Series switch. When a port is designated as a potential member of the VLAN, and the incoming traffic matches the policy, the port is dynamically added to the VLAN. Potential member ports that joined the VLAN are removed ("timed out") from the VLAN when that VLAN's timeout ("aging time") period expires.

A port's membership in a VLAN is determined by the traffic coming into the port; therefore, Nortel Networks recommends that at least some ports be designated as always a member of the VLAN. One situation in which a port should be designated always a member of a VLAN is if a server or router connects to the port. If a server is connected to a port that is only a potential member and the server sends out very little traffic, a client will fail to reach the server if the server port has timed out of the VLAN.


Note Note: A port can belong to one port-based VLAN and many policy-based VLANs.

The following table lists supported policy-based VLANs by module type:


VLAN type 8600 8100
Protocol-based
supported
supported
User-defined protocol-based
supported
unsupported
MAC address-based
supported
unsupported
IP subnet-based
supported
unsupported
Stacked VLANs
supported
unsupported

See also:


Go back one pageGo to the next page##Go to this book's Index