From: Ivan (ivan@iip.net)
Date: Sun Nov 19 2006 - 08:14:08 ART
switchport block unicast|multicast block packet for unknown unicast
MAC-addresses and multicast address. Unknown MAC-address is address wich not
in local mAC-address table. If arrived packet to such address switch will
flood packet through all ports except arrived interface. To filter such
flooding from any port switchport blocking command need to apply.
Therefore if you apply this command you filter only unknown unicast multicast,
but also filter out exchange not only between A & B.
I think you must use private vlan. Host A and B can exchage only through
router C. Multicast traffic will dropped autmaically. Cause input/output
interface the same. As for unicast ACL list can be used.
On Sunday 19 November 2006 13:37, V Shekhar wrote:
> If the 1st requirent asks, to make sure two hosts (A &B) connected via a
> switch should not communicate directly. (Should do Via host C). Hence I
> configure A & B connected to protected ports.
> And the second requirement asks to block any unicast and multicast exchange
> between A &B, Do I really need to use the "switchport block
> unicast|Multicast" on A & B switch port? I think "Switchport protected"
> will block any unicast and multicast between A & B as well.
>
> Comments?
> -sHekHar.
>
>
>
>
>
> ___________________________________________________________________________
>_________ Sponsored Link
>
> Online degrees - find the right program to advance your career.
> Www.nextag.com
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
-- Ivan
This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:47 ART