Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1019
Views
0
Helpful
2
Replies

Block particular traffic between two ports in a switch

senthil1976
Level 1
Level 1

‎12-21-2008 03:45 AM

Two same type of access devices are connected to the two ports of a switch. Uplink of the switch goes to a MPLS edge router. The access devices are shearing some common vlans of edge router. When the devices communicate between each other via common vlans, normally there communicate via switch, the traffic will not go to router. My requirement is to block a particular vlan communication between the access ports.

Labels:
0 Helpful
2 Replies 2

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎12-21-2008 04:27 AM

Hello Senthilkumar,

private vlans could help:

additional secondary vlans of type isolated or community can be used to allow device to gateway communication only.

see

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/pvlans.html

However, if the edge device is performing vRF lite (multi VRF CE) you can add new vlans and new SVIs or subifs on the edge device that can allow ip address overlapping in different non communicating VRFs.

Hope to help

Giuseppe

0 Helpful

mvillarreal_burwood
Level 1
Level 1

‎01-24-2009 03:23 PM

Use the switchport protected command on the switch for each port and that will not forward traffic to other protected port, you can also do a switchport block multicast or unicast to block unknown multicast or unicast traffic to those ports.

0 Helpful
Customers Also Viewed These Support Documents