1-11 HABP ConfigurationWhen configuring HABP, go to these sections for the information you are interested in:z Introduction to HABPz Configuring HABPz Displaying and Maintaining HABPz HABP Configuration ExampleIntroduction to HABPThe HW Authentication Bypass Protocol (HABP) is used to enable the downstream network devices ofan 802.1X or MAC authentication enabled access device to bypass 802.1X authentication and MACauthentication.As shown in Figure 1-1, 802.1X authenticator Switch A has two switches attached to it: Switch B andSwitch C. On Switch A, 802.1X authentication is enabled globally and on the ports connecting thedownstream network devices. The end-user devices (the supplicants) run the 802.1X client software for802.1X authentication. For Switch B and Switch D, where 802.1X client is not supported (which istypical of network devices), the communication between them will fail because they cannot pass 802.1Xauthentication and their packets will be blocked on Switch A. To allow the two switches to communicate,you can use HABP.Figure 1-1 Network diagram for HABP applicationInternetSwitch B Switch CAuthenticatorSupplicantSwitch ASupplicant SupplicantSwitch D Switch EAuthenticationserverHABP is a link layer protocol that works above the MAC layer. It is built on the client-server model.Generally, the HABP server is assumed by the authentication device (which is enabled with 802.1X orMAC authentication, such as Switch A in the above example), and the attached switches function as theHABP clients, such as Switch B through Switch E in the example. No device can function as both anHABP server and a client at the same time. Typically, the HABP server sends HABP requests to all itsclients periodically to collect their MAC addresses, and the clients respond to the requests. After the