Skip to main content

Cisco Protected Port

I can see in my network any customer can communicate to any one on the same VLAN. Basically when ever any unknown packets ingress into the switch. Switch found no record in CAM table, so that frame flood every port of the respected VLAN, except the frame received port. Such a communication can very dangerous for the service provider and its customer. Because any one can sniff or send information to other customer in same VLAN. 

Broadcast packet also flooded into the network that can bottleneck our network. The way to protect such a bottleneck of the network we can configure switch port as protected port thus no port can directly communicated in a same broadcast domain.

Command:
interface fa0/2
switchchport mode access
switchport access vlan 30
switchport protected

This way we can protect the user in same VLAN. Protected port only be configured in edge port not the trunk port or L3 connected port. Now the protected port prevent any unicast, broadcast or multicast packet entering to the same switch interface. But traffic forwarded to same domain can be communicated through L3 device like router. 

Labels:

Comments

Post a Comment

Popular posts from this blog

MongoDB Failed to start lsb an object/document-oriented database

After long gap I'm going to post new blog. Due to the work load and research I have little time.  MongoDB could not started after installation of 3.6 version, However downgrade to the 3.4, still the Mongodb couldn't start and show below error message. Search don't help to resolved the issue. After so much hit and trail nothing work. One Chinese forum posted this command and its works for me.  cd /var/lib sudo rm -rf ./mongodb sudo mkdir mongodb sudo chown -R mongodb mongodb/ sudo serivce mongodb restart
Post a Comment
Read more

Cisco ASA in GNS3

Here is another tutorial running Cisco ASAv on GNS3 using Qemu. For Configure GNS3 In My case I have used ASAv952-204.qcow2 Go  to the GNS3>Edit>Preferences>QEMU>Qemu VMs>New Follow on screen procedure.  Don't forget to enable kvm and memory allocation.  Now you can see I can run ASAv 9.5.2 Blank Password.
Post a Comment
Read more

IOS XR GNS3 QEMU

This time lets have tutorial on Cisco XR 9k series router image running on the GNS3. Please don't ask for the XR image. Your are smart enough to get it. My system configuration: Ubuntu 16.04 GNS3 1.4 RAM 8Gig i7 processor Used XR Image iosxrv-k9-demo-6.0.1.qcow2 This image is VIRL extracted image. You need to convert this image into QEMU image, follow this link I strongly recommend you to run it on the Linux system. Now you have converted image, then go to the GNS3>Edit>Preferences>QEMU>Qemu VMs>New then follow the onscreen procedure. Setting for QEMU XR Image. RAM:- 4Gig CPU:- 1 Adapters at lest 4.  -enable-kvm Here you can see I can run the XR on my system. Interface is up and system is already booted.  I have run 3 XR router  here is my system RAM CPU usages. RP/0/0/CPU0:XR3(config)#int gi0/0/0/0 RP/0/0/CPU0:XR3(config-if)#ip add 192.168.13.2 255.255.255.252 RP/0/0/CPU0:XR3(config-if)#co
Post a Comment
Read more