Table of Contents

Related Documents

11-Port Isolation Quick Start Configuration Guide

Title	Size	Download
11-Port Isolation Quick Start Configuration Guide	72.14 KB

Port Isolation Quick Start Configuration Guide

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.

Contents

Configuring port isolation· 1

Introduction· 1

Network configuration· 1

Restrictions and guidelines· 1

Procedure· 1

Verifying the configuration· 2

Configuration files· 2

Configuring port isolation

Introduction

The following information uses an example to describe the basic port isolation configuration procedure.

As shown in Figure 1, the community users Host A, Host B, and Host C are connected to GigabitEthernet 1/0/1, GigabitEthernet 1/0/2, and GigabitEthernet 1/0/3 of Switch, respectively. Switch is connected to Internet through GigabitEthernet 1/0/4.

Configure port isolation to isolate Layer 2 packets among Host A, Host B, and Host C, and allow these hosts to communicate with Internet.

Figure 1 Network diagram

Restrictions and guidelines

· To assign a port on a device to an isolation group, first create the isolation group.

· A port can be assigned to only one isolation group.

Procedure

IMPORTANT:

On a device that supports only one isolation group, the system automatically creates isolation group 1. You cannot delete the isolation group or create any other isolation group. On a device that supports multiple isolation groups, you can manually configure isolation groups.

# Create isolation group 1.

<Switch> system-view

[Switch] port-isolate group 1

# Assign ports GigabitEthernet 1/0/1, GigabitEthernet 1/0/2, and GigabitEthernet 1/0/3 to isolation group 1.

[Switch] interface gigabitethernet 1/0/1

[Switch-GigabitEthernet1/0/1] port-isolate enable group 1

[Switch-GigabitEthernet1/0/1] quit

[Switch] interface gigabitethernet 1/0/2

[Switch-GigabitEthernet1/0/2] port-isolate enable group 1

[Switch-GigabitEthernet1/0/2] quit

[Switch] interface gigabitethernet 1/0/3

[Switch-GigabitEthernet1/0/3] port-isolate enable group 1

[Switch-GigabitEthernet1/0/3] quit

# Save the configuration.

[Switch] save force

Verifying the configuration

# Display information about isolation group 1.

[Switch] display port-isolate group 1

Port isolation group information:

Group ID: 1

Group members:

GigabitEthernet1/0/1

GigabitEthernet1/0/2

GigabitEthernet1/0/3

The command output shows that GigabitEthernet 1/0/1, GigabitEthernet 1/0/2, and GigabitEthernet 1/0/3 on Switch have been assigned to isolation group 1 and isolated from each other at Layer 2. Host A, Host B, and Host C cannot ping each other.

Configuration files

port-isolate group 1

interface GigabitEthernet1/0/1

port link-mode bridge

port-isolate enable group 1

interface GigabitEthernet1/0/2

port link-mode bridge

port-isolate enable group 1

interface GigabitEthernet1/0/3

port link-mode bridge

port-isolate enable group 1

H3C Campus Fixed-Port Switches CLI-Based Quick Start Configuration Guide-6W101

Configuring port isolation

Introduction

Network configuration

Restrictions and guidelines

Procedure

Verifying the configuration

Configuration files

Related documentation

Cloud & AI

InterConnect

Intelligent Computing

Security

SMB Products

Intelligent Terminal Products

Industry Solutions

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Training & Certification

Become a Partner

Partner Resources

Partner Business Management

Company Information

News & Events

Online Exhibition Center

Contact Us