What MUX VLAN represent

24

Configuring a MUX VLAN allows users in different VLANs to communicate with each other, and separates users in a certain VLAN.

Other related questions:
What are the subordinate VLANs of the switch MUX VLAN
The subordinate VLANs include: 1. Separate VLAN: Subordinate separate VLAN, whose port is a separate port. Separate ports cannot communicate with each other or ports of other VLANs. They can communicate only with their own bound principal ports. Each separate VLAN must be bound to a principal VLAN. 2. Group VLAN: subordinate group VLAN, whose port is a group port. Group ports in a VLAN can communicate with each other and their own principal ports but cannot communicate with group or separate ports in other VLANs. Each group VLAN must be bound to a principal VLAN. The MUX VLAN function is used to isolate Layer 2 traffic between ports on a VLAN. For example, on an enterprise network, employee ports and customer ports can communicate with the server ports; employee ports in the same group can communicate with each other; but customer ports cannot communicate with each other. According to features of the preceding VLANs, the enterprise can add the server ports to the principal VLAN, add employee ports to a subordinate group VLAN, and add customer ports to a subordinate separate VLAN.

What is MUX VLAN on S series switch
On S series switches (except S1700), Multiplex VLAN (MUX VLAN) provides a mechanism that controls network resources through VLANs. The MUX VLAN involves a principal VLAN and multiple subordinate VLANs. Subordinate VLANs are classified into group VLANs and separate VLANs. Member interfaces in subordinate VLANs can communicate with interfaces in the principal VLAN but cannot communicate with each other. Interfaces in a subordinate group VLAN can communicate with each other, but interfaces in a subordinate separate VLAN are isolated from each other.

Default MUX VLAN configuration on S series switch
By default, the MUX VLAN function is disabled on interfaces of S series switches (except S1700). To enable this function on an interface, run the port mux-vlan enable command on the interface.

Precautions for configuring MUX VLAN on S series switch
When configuring MUX VLAN on S series switches (except S1700), pay attention to the following points: 1. If a specified VLAN has been used as a principal VLAN, it cannot be configured for VLAN mapping, VLAN stacking, super-VLANs, or sub-VLANs. 2. If a specified VLAN has been used as a group VLAN or separate VLAN, it cannot be used to create VLANIF interfaces or configured for VLAN mapping, VLAN stacking, super-VLANs, or sub-VLANs. 3. Prohibiting MAC address learning on interfaces or limiting the number of MAC addresses learned on interfaces will affect the MUX VLAN function. 4. MUX VLAN and port security cannot be configured on the same interface. 5. MUX VLAN and MAC address authentication cannot be configured on the same interface. 6. MUX VLAN and 802.1x authentication cannot be configured on the same interface. 7. When both DHCP snooping and MUX VLAN are configured, a DHCP client cannot obtain an IP address if the DHCP server is at the subordinate VLAN side and the DHCP client is at the principal VLAN side. To avoid this problem, configure the DHCP server at the principal VLAN side. 8. After MUX VLAN is enabled on an interface, this interface cannot have VLAN mapping or VLAN stacking configured. 9. A VLANIF interface can be created for a principal VLAN but not for subordinate group VLANs or subordinate separate VLANs. If a VLANIF interface is created for the principal VLAN in a MUX VLAN, the port mux-vlan enable vlan vlan-id command cannot be configured on interfaces of SA cards on S series switches to enable any VLAN in the MUX VLAN, including principal and subordinate VLANs.

Is MUX VLAN on CE switches applicable to multi-tenant isolation in data centers
Multiple tenants in data centers need to be isolated, but switches cannot implement refined isolation. Therefore, MUX VLAN applies only to office networks of small enterprises, but does not to multi-tenant scenarios in large data centers.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top