Re: Protected Ports

From: Noble (noble.ccie@gmail.com)
Date: Thu Dec 07 2006 - 10:31:49 ART

• Next message: Tandou Mohamed: "Wireles connection"
• Previous message: Abu Hamzah: "Ethernet Frames History and Usage"
• Maybe in reply to: Noble: "Protected Ports"
• Next in thread: Narbik Kocharians: "Re: Protected Ports"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Scott,

Thank you very much.

On 12/7/06, Scott Morris <swm@emanon.com> wrote:
> These are two completely different concepts.
>
> The "switchport block" commands have to do with altering the typical
> behavior of a bridge/switch. While normally a switch keeps a cam table to
> associate MAC addresses to outbound ports, every once and a while a frame
> shows up with a MAC not in the list. The behavior is to flood these frames
> out every port in the corresponding VLAN to assure delivery.
>
> The "switcport block" commands alter this behavior and tell the switch NOT
> to do this for the interface tagged.
>
> "Switchport protected" on the other hand is the private-vlan edge concept
> (pre-private-vlan, or 3550 implementation). Any two ports tagged as
> "protected" within a single VLAN will never speak with each other via
> unicast, broadcast or multicast directly at Layer2.
>
> HTH,
>
>
> Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
> #153, CISSP, et al.
> CCSI/JNCI-M/JNCI-J
> IPExpert VP - Curriculum Development
> IPExpert Sr. Technical Instructor
> smorris@ipexpert.com
> http://www.ipexpert.com
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Noble
> Sent: Thursday, December 07, 2006 1:49 AM
> To: Cisco certification
> Subject: Protected Ports
>
> Hi Group,
>
> I am trying to understand the need of adding "switchport block multicast"
> and "switchport block unicast" along with "switchport protected".
>
> I understand that traffic arriving on one protected port will not be
> forwarded out other protected ports. If this is the case why would we need
> to block multicast and unicast using switchport block command.
>
> --
> Thank you,
>
> -Noble
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>

-- 
Thank you,
-Noble

• Next message: Tandou Mohamed: "Wireles connection"
• Previous message: Abu Hamzah: "Ethernet Frames History and Usage"
• Maybe in reply to: Noble: "Protected Ports"
• Next in thread: Narbik Kocharians: "Re: Protected Ports"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART