H3C S7500E Series Ethernet Switches Operation Manual
Operation Manual – 802.1x - MAC Authentication
H3C S7500E Series Ethernet Switches Chapter 1 802.1x Configuration
1-4
z After a user passes the authentication, the authentication server passes
information about the user to the authenticator, which then controls the status of
the controlled port according to the instruction of the authentication server.
1.1.3 EAP Encapsulation over LANs
I. EAPOL frame format
EAPOL, defined by 802.1x, is intended to carry EAP protocol packets between
supplicants and authenticators over LANs.
Figure 1-3 shows the EAPOL frame format.
Figure 1-3 EAPOL frame format
z PAE Ethernet type: Protocol type. It takes the value 0x888E.
z Protocol version: Version of the EAPOL protocol supported by the EAPOL frame
sender.
z Type: Type of the EAPOL frame. Table 1-1 lists the types that the device currently
supports.
Table 1-1 Types of EAPOL frames
Type Description
EAP-Packet (a value of
0x00)
Frame for carrying authentication information, present
between an authenticator system and the authentication
server.
A frame of this type is repackaged and transferred by
RADIUS to get through complex networks to reach the
authentication server.
EAPOL-Start (a value
of 0x01)
Frame for initiating authentication, present between a
supplicant and an authenticator.
EAPOL-Logoff (a value
of 0x02)
Frame for logoff request, present between a supplicant
and an authenticator.
z Length: Length of the data, that is, length of the Packet body field, in bytes. If the
value of this field is 0, no subsequent data field is present.
z Packet body: Content of the packet. The format of this field varies with the value of
the Type field.