From: Daniel Cisco Group Study (danielcgs@imc.net.au)
Date: Thu Feb 27 2003 - 06:01:30 GMT-3
I've racked my brain over this one for quite a while now.....
I'm stuck using a single CAT 1900 for now, and I was configuring & testing DLSW+ when I noticed that the two routers being used to test DLSW+ (using DSPU) were communicating directly instead of via the DLSW+ tunnel. I verified that the two routers were connected to two different vlans, and searched high and low for an answer. I verified that there was no other bridging happening and I even turned off DLSW everywhere... I even found that the two routers could ping each other if you hard coded the mac addresses on both routers. So the symptom was as follows - Cat 1900 will not forward broadcasts between vlans (as expected), but will forward unicast between vlans (??????).
I eventually came across the following doc:
The problem that I'm experiencing is described under the section "Limited VLAN Isolation", and the solution is as follows :
"The Enterprise Edition software local VLAN isolation feature prevents this spoofing effect as long as the operator's station AA and the target station BB are connected to the same switch".
So, how do you turn on this "VLAN isolation feature"?
I'm running the latest Enterprise Edition software.
Any ideas?
Daniel
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:37 GMT-3