11-Port Isolation Operation

Download

Table of Contents

Chapter 1 Port Isolation Configuration. 1-1

1.1 Port Isolation Overview. 1-1

1.1.1 Introduction to Port Isolation. 1-1

1.1.2 Port Isolation and Link Aggregation. 1-1

1.2 Port Isolation Configuration. 1-1

1.3 Displaying Port Isolation Configuration. 1-2

 

Chapter 1  Port Isolation Configuration

1.1  Port Isolation Overview

1.1.1  Introduction to Port Isolation

Through the port isolation feature, you can add the ports to be controlled into an isolation group to isolate the Layer 2 and Layer 3 data between each port in the isolation group. Thus, you can improve the network security and network in a more flexible way.

Currently, you can configure 64 isolation groups on a switch. The number of Ethernet ports an isolation group can accommodate is not limited.

 

&  Note:

The port isolation function is independent of VLAN configuration.

 

1.1.2  Port Isolation and Link Aggregation

When a member port in an aggregation group joins an isolation group, the other ports in the aggregation group joins the isolation group automatically.

1.2  Port Isolation Configuration

Table 1-1 lists the operations to add an Ethernet port to an isolation group to isolate Layer 2 data between each port in the isolation group.

Table 1-1 Configure port isolation

Operation

Command

Description

Enter system view

system-view

Create an isolation group

port-isolate group group-id

Required

Specify a description string for the isolation group

description text

Optional

Add the specified port into the isolation group

port interface-list

Optional

By default, an isolation group contains no Ethernet port.

Enter Ethernet port view

interface interface-type interface-number

Add the current Ethernet port to the isolation group

port isolate group group-id

Required

By default, an isolation group contains no Ethernet port.

 

&  Note:

An Ethernet port belongs to only one port isolation group. If you add an Ethernet port to different isolation groups, the port belongs to only the latest isolation group to which the port is added.

Currently, A type card (LS81FT48A, LS81FM24A, LS81FS24A, LS81GB8UA, LS81GT8UA) cannot support Port Isolation feature.

 

1.3  Displaying Port Isolation Configuration

After the above configuration, you can execute the display command in any view to view the information about the Ethernet ports added to the isolation group.

Table 1-2 Display port isolation configuration

Operation

Command

Display the configuration of the created isolation group

display isolate port [ group group-id ]