04-16-2009 09:36 AM - edited 03-06-2019 05:13 AM
I am looking to isolate ports 1-23 from seeing one another, yet I would like to share port 24 (uplink to Internet connection) with each port.
(so that each computer could see the Internet, but could not see each other)
I've found a million documents which look promising, but never quite address the goal I am trying to reach. If anyone could either share the proper commands with me, or point me to a definitive document, it would help me tremendously.
Thank you!
Solved! Go to Solution.
04-16-2009 09:48 AM
Fuzzy,
Have you ever read this feature?
Configuring Protected Ports
Some applications require that no traffic be forwarded between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.
Protected ports have these features:
â¢A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.
â¢Forwarding behavior between a protected port and a nonprotected port proceeds as usual.
â¢Protected ports are supported on IEEE 802.1Q trunks.
Please check out this link . C2950 Right?
F.e.
Switch# configure terminal
Switch(config)# interface range fastethernet0/1 - 23
Switch(config-if)# switchport protected
Switch(config-if)# end
HTH,
Toshi
04-16-2009 09:48 AM
Fuzzy,
Have you ever read this feature?
Configuring Protected Ports
Some applications require that no traffic be forwarded between ports on the same switch so that one neighbor does not see the traffic generated by another neighbor. In such an environment, the use of protected ports ensures that there is no exchange of unicast, broadcast, or multicast traffic between these ports on the switch.
Protected ports have these features:
â¢A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.
â¢Forwarding behavior between a protected port and a nonprotected port proceeds as usual.
â¢Protected ports are supported on IEEE 802.1Q trunks.
Please check out this link . C2950 Right?
F.e.
Switch# configure terminal
Switch(config)# interface range fastethernet0/1 - 23
Switch(config-if)# switchport protected
Switch(config-if)# end
HTH,
Toshi
04-16-2009 10:02 AM
Toshi;
THANK YOU! I missed the following line when I read through the document the first time, "â¢Forwarding behavior between a protected port and a nonprotected port proceeds as usual." - having missed that line, I didn't think the first 23 ports would talk to the unprotected port. This resolved the issue for me. Thank you very much for the prompt nature of your response - you nailed it!!
10-27-2022 01:44 AM - edited 10-27-2022 01:55 AM
hello
Is there a way to make a vlan group in one step, for example?
interface range fastthernet0/1 - 23
interface range vlan 0/1 - 23
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: