Re: Protected Ports

From: Narbik Kocharians (narbikk@gmail.com)
Date: Thu Dec 07 2006 - 13:11:36 ART


You can read a little more about it here.

http://cisco.com/univercd/cc/td/doc/product/lan/cat3750/12114ea1/3750scg/swtrafc.htm#1104913

On 12/7/06, Noble <noble.ccie@gmail.com> wrote:
>
> Hi Scott,
>
> Thank you very much.
>
>
> On 12/7/06, Scott Morris <swm@emanon.com> wrote:
> > These are two completely different concepts.
> >
> > The "switchport block" commands have to do with altering the typical
> > behavior of a bridge/switch. While normally a switch keeps a CAM table to
> > associate MAC addresses to outbound ports, every once in a while a frame
> > shows up with a MAC not in the list. The behavior is to flood these frames
> > out every port in the corresponding VLAN to assure delivery.
> >
> > The "switchport block" commands alter this behavior and tell the switch NOT
> > to do this for the interface tagged.
> >
> > "Switchport protected" on the other hand is the private-vlan edge concept
> > (pre-private-vlan, or 3550 implementation). Any two ports tagged as
> > "protected" within a single VLAN will never speak with each other via
> > unicast, broadcast or multicast directly at Layer2.
> >
> > HTH,
> >
> >
> > Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
> > #153, CISSP, et al.
> > CCSI/JNCI-M/JNCI-J
> > IPExpert VP - Curriculum Development
> > IPExpert Sr. Technical Instructor
> > smorris@ipexpert.com
> > http://www.ipexpert.com
> >
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Noble
> > Sent: Thursday, December 07, 2006 1:49 AM
> > To: Cisco certification
> > Subject: Protected Ports
> >
> > Hi Group,
> >
> > I am trying to understand the need of adding "switchport block multicast"
> > and "switchport block unicast" along with "switchport protected".
> >
> > I understand that traffic arriving on one protected port will not be
> > forwarded out other protected ports. If this is the case, why would we need
> > to block multicast and unicast using the switchport block command?
> >
> > --
> > Thank you,
> >
> > -Noble
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
>
>
> --
> Thank you,
>
> -Noble
>
>

-- 
Narbik Kocharians
CCIE# 12410 (R&S, SP, Security)
CCSI# 30832
Network Learning, Inc. (CCIE class Instructor)
www.ccbootcamp.com (CCIE Training)
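
Added example, not part of the original thread: a small Python model of the Layer 2 forwarding decision that shows "switchport protected" and "switchport block unicast/multicast" filtering different traffic. The port names, MAC addresses and the simplification that multicast is always flooded (no snooping entry) are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Port:
    vlan: int
    protected: bool = False        # "switchport protected"
    block_unicast: bool = False    # "switchport block unicast"
    block_multicast: bool = False  # "switchport block multicast"

def egress_ports(ports, cam, ingress, dst_mac, kind):
    """Return the sorted port names a frame is sent out of.

    kind is "unicast", "multicast" or "broadcast"; cam maps (vlan, mac) -> port.
    Model assumption: multicast has no snooping entry, so it is always flooded.
    """
    src = ports[ingress]
    learned = cam.get((src.vlan, dst_mac)) if kind == "unicast" else None
    flooded = learned is None
    candidates = ports if flooded else [learned]
    out = []
    for name in candidates:
        dst = ports[name]
        if name == ingress or dst.vlan != src.vlan:
            continue
        # Protected-to-protected is dropped for every frame type, known or not.
        if src.protected and dst.protected:
            continue
        # "block" is an egress filter on flooded unknown unicast/multicast only.
        if flooded and kind == "unicast" and dst.block_unicast:
            continue
        if flooded and kind == "multicast" and dst.block_multicast:
            continue
        out.append(name)
    return sorted(out)

# Constructed sample: four access ports in VLAN 10; Gi0/3 is an unprotected uplink.
PORTS = {
    "Gi0/1": Port(10, protected=True),
    "Gi0/2": Port(10, protected=True),
    "Gi0/3": Port(10),
    "Gi0/4": Port(10, protected=True, block_unicast=True, block_multicast=True),
}
CAM = {(10, "00:00:5e:00:53:02"): "Gi0/2", (10, "00:00:5e:00:53:04"): "Gi0/4"}

if __name__ == "__main__":
    for src, mac, kind in [("Gi0/1", "00:00:5e:00:53:02", "unicast"),
                           ("Gi0/3", "00:00:5e:00:53:99", "unicast"),
                           ("Gi0/3", "ff:ff:ff:ff:ff:ff", "broadcast")]:
        print(src, kind, mac, "->", egress_ports(PORTS, CAM, src, mac, kind))
```

In this model the protected flag alone still lets the unprotected uplink flood unknown unicast to Gi0/1 and Gi0/2, while Gi0/4, which also carries the block commands, receives only broadcast and frames for a MAC the switch has already learned on it.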


This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART