Cisco WS-C2960S-24PD-L Software Guide - Page 207
Creating EtherChannel Port Groups, Configuring Protected Ports
View all Cisco WS-C2960S-24PD-L manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 207 highlights
Chapter 7 Configuring the Switch Ports Configuring Protected Ports Creating EtherChannel Port Groups Beginning in privileged EXEC mode, follow these steps to create a two-port group: Step 1 Step 2 Command configure terminal interface interface Step 3 Step 4 Step 5 Step 6 Step 7 port group 1 distribution destination interface interface port group 1 distribution destination end show running-config Purpose Enter global configuration mode. Enter interface configuration mode, and enter the port of the first port to be added to the group. Assign the port to group 1 with destination-based forwarding. Enter the second port to be added to the group. Assign the port to group 1 with destination-based forwarding. Return to privileged EXEC mode. Verify your entries. Configuring Protected Ports Some applications require that no traffic be forwarded by the Layer 2 protocol between ports on the same switch. In such an environment, there is no exchange of unicast, broadcast, or multicast traffic between ports on the switch, and traffic between ports on the same switch is forwarded through a Layer 3 device such as a router. To meet this requirement, you can configure Catalyst 2900 XL and Catalyst 3500 XL ports as protected ports (also referred to as private VLAN edge ports). Protected ports do not forward any traffic to protected ports on the same switch. This means that all traffic passing between protected ports-unicast, broadcast, and multicast-must be forwarded through a Layer 3 device. Protected ports can forward any type of traffic to unprotected ports, and they forward as usual to all ports on other switches. Note Sometimes unknown unicast traffic from an unprotected port is flooded to a protected port because a MAC address has timed out or has not been learned by the switch. Use the port block command to guarantee that in such a case no unicast and multicast traffic is flooded to the port. See the "Configuring Flooding Controls" section on page 7-4 for more information. Beginning in privileged EXEC mode, follow these steps to define a port as a protected port: Step 1 Step 2 Step 3 Step 4 Step 5 Command configure terminal interface interface port protected end show port protected Purpose Enter global configuration mode. Enter interface configuration mode, and enter the port to be configured. Enable protected port on the port. Return to privileged EXEC mode. Verify that the protected port option is enabled. Use the no version of the port protected interface configuration command to disable the protected port option. 78-6511-08 Catalyst 2900 Series XL and Catalyst 3500 Series XL Software Configuration Guide 7-9