Re: Protected Ports

From: Elias Chari (elias.chari@gmail.com)
Date: Thu Dec 07 2006 - 20:16:36 ART

It is not only helpful having training vendors on this list but can also be
great fun

If I can add my 2c, here is the link to the docCD bound to cover all
switches..-)

http://www.cisco.com/univercd/home/home.htm

Sorry guys, on my second glass of wine after a hard day's work practicing my
labs, just couldn't resist....

On 12/7/06, Brian McGahan <bmcgahan@internetworkexpert.com > wrote:
>
> Yes, but that one is deprecated. Try this one instead:
>
> http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12235se/scg1
> /swtrafc.htm#wp1029319
>
>
> HTH,
>
> Brian McGahan, CCIE #8593 (R&S/SP)
> bmcgahan@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com <http://www.internetworkexpert.com/>
> Toll Free: 877-224-8987 x 705
> Outside US: 775-826-4344 x 705
> 24/7 Support: http://forum.internetworkexpert.com
> Live Chat: http://www.internetworkexpert.com/chat/
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto: nobody@groupstudy.com] On Behalf
> Of
> > Narbik Kocharians
> > Sent: Thursday, December 07, 2006 12:30 PM
> > To: swm@emanon.com
> > Cc: Noble; Cisco certification
> > Subject: Re: Protected Ports
> >
> > Unbelievable
> >
> >
> > On 12/7/06, Scott Morris < swm@emanon.com > wrote:
> > >
> > > You may want the 3560 docs instead just for giggles, but they're
> very
> > > similar.
> > >
> > >
> > >
> >
> http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12225see/scg
> /s
> > wtrafc.htm#wp1029319
> > >
> > > Scott
> > >
> > > ------------------------------
> > > *From:* Narbik Kocharians [mailto: narbikk@gmail.com]
> > > *Sent:* Thursday, December 07, 2006 11:12 AM
> > > *To:* Noble
> > > *Cc:* swm@emanon.com; Cisco certification
> > > *Subject:* Re: Protected Ports
> > >
> > >
> > > You can read a little more about it here.
> > >
> > >
> > >
> >
> http://cisco.com/univercd/cc/td/doc/product/lan/cat3750/12114ea1/3750scg
> /s
> > wtrafc.htm#1104913
> > >
> > >
> > > On 12/7/06, Noble <noble.ccie@gmail.com > wrote:
> > > >
> > > > Hi Scott,
> > > >
> > > > Thank you very much.
> > > >
> > > >
> > > > On 12/7/06, Scott Morris < swm@emanon.com> wrote:
> > > > > These are two completely different concepts.
> > > > >
> > > > > The "switchport block" commands have to do with altering the
> typical
> > > > > behavior of a bridge/switch. While normally a switch keeps a
> cam
> > > > table to
> > > > > associate MAC addresses to outbound ports, every once and a
> while a
> > > > frame
> > > > > shows up with a MAC not in the list. The behavior is to flood
> these
> > > > frames
> > > > > out every port in the corresponding VLAN to assure delivery.
> > > > >
> > > > > The "switcport block" commands alter this behavior and tell the
> > switch
> > > > NOT
> > > > > to do this for the interface tagged.
> > > > >
> > > > > "Switchport protected" on the other hand is the private-vlan
> edge
> > > > concept
> > > > > (pre-private-vlan, or 3550 implementation). Any two ports
> tagged as
> > > > > "protected" within a single VLAN will never speak with each
> other
> > via
> > > > > unicast, broadcast or multicast directly at Layer2.
> > > > >
> > > > > HTH,
> > > > >
> > > > >
> > > > > Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider)
> #4713,
> > > > JNCIE
> > > > > #153, CISSP, et al.
> > > > > CCSI/JNCI-M/JNCI-J
> > > > > IPExpert VP - Curriculum Development
> > > > > IPExpert Sr. Technical Instructor
> > > > > smorris@ipexpert.com
> > > > > http://www.ipexpert.com
> > > > >
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf
> > > > Of
> > > > > Noble
> > > > > Sent: Thursday, December 07, 2006 1:49 AM
> > > > > To: Cisco certification
> > > > > Subject: Protected Ports
> > > > >
> > > > > Hi Group,
> > > > >
> > > > > I am trying to understand the need of adding "switchport block
> > > > multicast"
> > > > > and "switchport block unicast" along with "switchport
> protected".
> > > > >
> > > > > I understand that traffic arriving on one protected port will
> not be
> > > > > forwarded out other protected ports. If this is the case why
> would
> > we
> > > > need
> > > > > to block multicast and unicast using switchport block command.
> > > > >
> > > > > --
> > > > > Thank you,
> > > > >
> > > > > -Noble
> > > > >
> > > > >
> > > >
> >
> _______________________________________________________________________
> > > > > Subscription information may be found at:
> > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > Thank you,
> > > >
> > > > -Noble
> > > >
> > > >
> >
> _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> > > >
> > >
> > >
> > >
> > > --
> > > Narbik Kocharians
> > > CCIE# 12410 (R&S, SP, Security)
> > > CCSI# 30832
> > > Network Learning, Inc. (CCIE class Instructor)
> > > www.ccbootcamp.com (CCIE Training)
> > >
> >
> >
> >
> > --
> > Narbik Kocharians
> > CCIE# 12410 (R&S, SP, Security)
> > CCSI# 30832
> > Network Learning, Inc. (CCIE class Instructor)
> > www.ccbootcamp.com (CCIE Training)
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART