10-28-2022 07:18 AM
What is the significance/impact of using switchport protected on trunk ports that connect two switches? For example:
SW1
int gi0/1-->Access VLAN 10-->switchport protected-->Host A
int gi0/24-->Switchport mode Trunk-->switchport protected (des link to SW2)
********
SW2
int gi0/1-->Access VLAN 10-->switchport protected-->Host B
int gi0/24-->Switchport mode Trunk-->switchport protected (des link to SW1)
*****
Can hosts A & B ping each other if these are layer 2 switches? What about STP BPDUs, etc.? My goal is to block layer 2 communication. I am thinking of alternative options to private VLANs.
10-28-2022 07:31 AM
Can I know why? Instead of blocking STP BPDU, use filter BPDU, and this makes the SW never send BPDU.
BUT BUT this is so risky; it can cause a loop.
10-28-2022 08:37 AM
This has nothing to do with STP. Basically, the only goal is to block end-host L2 communication within the VLAN. But my concern is what happens when the VLAN is spanned across multiple L2 switches: will it work, since there will be a trunk port in between, and is there any impact?
10-28-2022 07:35 AM
According to the description in this link, it appears that a protected port is similar to a private VLAN, where 2 hosts cannot communicate with each other unless they use a layer-3 device.
HTH