Misplaced Pages

VQP

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
VLAN Query Protocol
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
This article includes a list of references, related reading, or external links, but its sources remain unclear because it lacks inline citations. Please help improve this article by introducing more precise citations. (May 2018) (Learn how and when to remove this message)
This article relies excessively on references to primary sources. Please improve this article by adding secondary or tertiary sources.
Find sources: "VQP" – news · newspapers · books · scholar · JSTOR (May 2018) (Learn how and when to remove this message)
(Learn how and when to remove this message)

The VLAN Query Protocol (VQP) was developed by Cisco and allows end-devices on LANs to be authenticated via their MAC address and an appropriate VLAN attributed to the port, using a VLAN Management Policy Server (VMPS). VQP is a Cisco-only protocol that is supported only by older switches running CatOS. Many vendors (including Cisco) have turned to support dynamic VLAN assignments using the 802.1X authentication protocol with a Radius server that has additional attributes designating the VLAN.

Details

Upon physically connecting a device to a port of a switch configured as a VLAN Management Policy Server (VMPS) client, the switch begins listening for packets, and encapsulates and rebroadcasts the first packet received into a VQP packet, which is sent to one of up to two configured VMPS servers on port udp/1589. The VMPS server will give one of 4 responses (Allow, Deny, Shutdown, Wrong_Domain) and the switch will either assign the port to the appropriate VLAN, put the port back into the pre-confirmation state, shut down the port until the device or another one is physically reconnected, or log an error indicating that it is incorrectly configured. The latter result is often due to Cisco documentation failing to mention that the domain name in the VMPS configuration file must match the VLAN Trunking Protocol (VTP) domain name.

If reconfirmation of VLAN assignment is required, it is done in the same manner as initial confirmation, with the exception of including the currently assigned VLAN for the port in the VQP packet. Reconfirmation is done periodically based on configuration directives of the client switches, or can be forced with a switch command line directive.

The VQP Protocol has no checksums, encryption or authentication of either the client or the switch messages. The protocol also does not include scope to send a message to the server informing that a device has been disconnected.

References

External links

Category: