5.2.1 Coexistence of Layer 2 authentication and other functions
The following table describes the specifications for interoperability between Layer 2 authentication and other functionality.
Layer 2 Authentication functionality |
Function name |
Interoperability |
|
---|---|---|---|
IEEE802.1 |
MAC Address Table |
MAC address-learning suppression |
VLAN and its VLAN cannot be used at the same time. |
Static MAC address |
Cannot be used on a port with static MAC addressing. |
||
VLAN |
Protocol VLAN |
Cannot coexist on the same device. |
|
MAC VLAN |
Can be used in dynamic VLAN mode. |
||
Extended VLAN Functionality |
VLAN tunneling |
Cannot coexist on the same device. |
|
EAPOL forwarding |
Cannot coexist on the same device. |
||
Spanning Tree Protocols |
Cannot be used on a port for which Spanning Tree is set. |
||
Ring Protocol |
It cannot be used with a ring port for which a Ring Protocol has been set. |
||
IGMP snooping |
You can use the authentication port. However, IGMP snooping packets are not subject to authentication. In dynamic VLAN, do not connect a multicast router to an authenticated port. |
||
MLD snooping |
Cannot coexist on the same device. |
||
DHCP Snooping |
Cannot be used on a port for which DHCP snooping terminal filters have been set. |
||
GSRP aware |
It cannot be used on a port on which a GSRP aware is running. |
||
Uplink Redundancy |
Cannot be used for uplink port pairs |
||
IEEE 802.3ah/UDLD |
Cannot be used on a port for which a IEEE802.3ah/UDLD has been set. |
||
CFM |
Cannot be used at the same time on a port for which a CFM has been set. |
||
Web Authentication |
MAC Address Table |
MAC address-learning suppression |
VLAN and its VLAN cannot be used at the same time. |
Static MAC address |
Cannot be used on a port with static MAC addressing. |
||
VLAN |
Port VLAN |
Can be used in fixed VLAN mode. |
|
Protocol VLAN |
Cannot coexist on the same device. |
||
MAC VLAN |
Can be used in dynamic VLAN mode. |
||
Default VLAN |
Can be used in fixed VLAN mode. Can also be used as the pre-authentication VLAN in dynamic VLAN mode. |
||
Extended VLAN Functionality |
VLAN tunneling |
Cannot coexist on the same device. |
|
EAPOL forwarding |
Can be used on the same device. |
||
Spanning Tree Protocols |
Cannot be used for ports configured for Spanning Tree Protocols. |
||
Ring Protocol |
It cannot be used with a ring port for which a Ring Protocol has been set. |
||
IGMP snooping |
You can use the authentication port. However, IGMP snooping packets are not subject to authentication. In dynamic VLAN, do not connect a multicast router to an authenticated port. |
||
MLD snooping |
Cannot coexist on the same device. |
||
DHCP Snooping |
Cannot be used on a port for which DHCP snooping terminal filters have been set. |
||
GSRP aware |
Cannot be used on a port on which GSRP aware is running. |
||
Uplink Redundancy |
Cannot be used for uplink port pairs |
||
IEEE 802.3ah/UDLD |
Cannot be used on a port for which a IEEE802.3ah/UDLD has been set. |
||
CFM |
Cannot be used at the same time on a port for which a CFM has been set. |
||
MAC-based Authentication |
MAC Address Table |
MAC address-learning suppression |
VLAN and its VLAN cannot be used at the same time. |
Static MAC address |
Cannot be used on a port with static MAC addressing. |
||
VLAN |
Port VLAN |
Can be used in fixed VLAN mode. |
|
Protocol VLAN |
Cannot coexist on the same device. |
||
MAC VLAN |
Can be used in dynamic VLAN mode. |
||
Default VLAN |
Can be used in fixed VLAN mode. Can also be used as the pre-authentication VLAN in dynamic VLAN mode. |
||
Extended VLAN Functionality |
VLAN tunneling |
Cannot coexist on the same device. |
|
EAPOL forwarding |
Can be used on the same device. |
||
Spanning Tree Protocols |
Cannot be used for ports configured for Spanning Tree Protocols. |
||
Ring Protocol |
It cannot be used with a ring port for which a Ring Protocol has been set. |
||
IGMP snooping |
You can use the authentication port. However, IGMP snooping packets are not subject to authentication. In dynamic VLAN, do not connect a multicast router to an authenticated port. |
||
MLD snooping |
Cannot coexist on the same device. |
||
DHCP Snooping |
Cannot be used on a port for which DHCP snooping terminal filters have been set. |
||
GSRP aware |
Cannot be used on a port on which GSRP aware is running. |
||
Uplink Redundancy |
Cannot be used for uplink port pairs |
||
IEEE 802.3ah/UDLD |
Cannot be used on a port for which a IEEE802.3ah/UDLD has been set. |
||
CFM |
Cannot be used at the same time on a port for which a CFM has been set. |