Protected ports

在某些特殊需求下,需要禁止同台交换机上相同VLAN 的主机之间通信,但又不能将这些不能通信的主机划到不同VLAN,因为还需要和VLAN中的其它主机通信,只是不能和部分主机通信。这个特性可以实现这种需求.

Protected ports have these features:

A protected port does not forward any traffic (unicast, multicast, or broadcast) to any other port that is also a protected port. Data traffic cannot be forwarded between protected ports at Layer 2; only control traffic, such as PIM packets, is forwarded because these packets are processed by the CPU and forwarded in software. All data traffic passing between protected ports must be forwarded through a Layer 3 device.

Forwarding behavior between a protected port and a nonprotected port proceeds as usual.

You can configure protected ports on a physical interface (for example, Gigabit Ethernet port 1) or an EtherChannel group (for example, port-channel 5). When you enable protected ports for a port channel, it is enabled for all ports in the port-channel group.

Do not configure a private-VLAN port as a protected port. Do not configure a protected port as a private-VLAN port. A private-VLAN isolated port does not forward traffic to other isolated ports or community ports. For more information about private VLANs

注:这个feature只在单台交换机上有效.

sw1(config-if)#switchport protected    配置了这个特性的端口不能互访.但能与其他端口访问.

时间: 2024-10-13 03:08:00

Protected ports的相关文章

利用云主机做 ssh 反向隧道

[背景] 有三台主机 A.S.B,系统均为Linux.主机 A 和主机 B 在各自不同的内网,主机 S 为一台具有公网 IP 的云主机.主机 A 与主机 B 都可以通过 ssh 连接主机 S.如下图: [需求] 主机 A 需要通过主机 S 连接主机 B. 主机A信息: ip [方法] 1.设置主机 S. 1.1.编辑 /etc/ssh/sshd_config 文件,在里面修改或添加: GatewayPorts yes 1.2.重启 sshd 服务. sudo service sshd resta

kubernetes资源创建详解【持续完善中】

目录 资源创建详解 一:Pod及常用参数 1.简介 2.模板 3.删除pod 4.设置Pod主机名 5.镜像拉取策略(ImagePullPolicy) 二:RC 1.简介 2.模板 三:Deployment 1.简介 2.模板 四:HPA 1.简介 2.模板 五:StatefulSet 1.简介 2.模板 六:PV和PVC 八:扩展 8.1.Pod调度到指定的Node 资源创建详解 一:Pod及常用参数 1.简介 2.模板 3.删除pod 示例流程如下: 用户发送删除pod的命令,默认宽限期是3

Setup Apache2 in Debian 9 and enable two ports for two sites

[email protected]:~# apt-get install apache2 [email protected]:~# cd /etc/apache2/ [email protected]:/etc/apache2# ls -l total 80-rw-r--r-- 1 root root  7224 Jun 20 15:29 apache2.confdrwxr-xr-x 2 root root  4096 Jul  8 12:06 conf-availabledrwxr-xr-x

[RabbitMQ]Error: unable to connect to node [email protected]: nodedown(CentOS7.0)

今天在搭建OpenStack的时候需要安装RabbitMQ,可是使用yum install rabbitmq-server安装之后,按照OpenStack官方提供的文档修改guest用户密码的时候却出现了如下错误: [[email protected] ~]# rabbitmqctl change_password guest Rabbit123 Changing password for user "guest" ... Error: unable to connect to nod

telnet出现"all network ports in use"的解决

由于Linux系统遭意外破坏,恢复后不能telnet,只要客户端一连接Linux服务器就返回"telnetd: all network ports in use"的字符串,SSH连接也失效! 一开始怀疑是端口被别的程序占用,但是用netstat -anp查看时发现23端口并没有被使用.那是什么原因呢? 查看/var/log/secure文件发现了一些有用信息,如下: [[email protected] ~]# cat /var/log/secure ........ Aug 20 1

java中的public,protected,private权限修饰

在java程序前如果不加任何一个权限修饰符,默认是只允许包内访问,只有在同一个包内的类之间才能访问. public: 对每个人都是可用的,在任何地方的任何包内都可以访问. protected: protected处理的是继承的问题,只有子类和自己可以访问,不局限于本包. private: 只有自己可以访问.

$*和[email protected]之间区别代码分析

#!/bin/bash set 'apple pie' pears peaches for i in $*           /*单引号被去掉,循环单个字符输出*/ do echo $i done [[email protected] Ex_14.02-14.31]# sh 14-14-1 apple pie pears peaches -------------------------------------------------------------- #!/bin/bash set

[email protected]一个高效的配置管理工具--Ansible configure management--翻译(六)

无书面许可请勿转载 高级playbook Finding files with variables All modules can take variables as part of their arguments by dereferencing them with {{ and }} . You can use this to load a particular file based on a variable. For example, you might want to select a

【转载】 ERROR 1045 (28000): Access denied for user [email protected] (using password: NO)

来自:http://www.jb51.net/LINUXjishu/10981.html 错误描述: Mysql中添加用户之后可能出现登录时提示ERROR 1045 (28000): Access denied for user的错误.删除user.user中值为NULL的,或更新NULL为test 1)delete from user where user is NULL 2)update user set user='test' where user is NULL.意外的情况: 如果上述方