|
Chapter 2: Bridging Configuration Guide2 - 10SSR User Reference ManualConfiguring VLAN Trunk PortsThe SSR supports standards-based VLAN trunking between multiple SSRs as definedby IEEE 802.1Q. 802.1Q adds a header to a standard Ethernet frame which includes aunique VLAN id per trunk between two SSRs. These VLAN ids extend the VLANbroadcast domain to more than one SSR.To configure a VLAN trunk, perform the following command in the Configure mode.Configure Bridging for Non-IP/IPX ProtocolsBy default, all non-routable protocols (AppleTalk and DECnet) are bridged within theSSR. All physical ports containing non-routable protocols should be assigned to thesame VLAN, thus allowing bridging between ports. Routing can still be performed onthe defined VLAN by assigning an IP or IPX interface.Configure Layer-2 FiltersLayer-2 security filters on the SSR allow you to configure ports to filter specific MACaddresses. When defining a Layer-2 security filter, you specify to which ports youwant the filter to apply. Refer to the “Security Configuration Chapter” for details onconfiguring Layer-2 filters. You can specify the following security filters:• Address filtersThese filters block traffic based on the frame's source MAC address, destinationMAC address, or both source and destination MAC addresses in flow bridgingmode. Address filters are always configured and applied to the input port.• Port-to-address lock filtersThese filters prohibit a user connected to a locked port or set of ports from using an-other port.• Static entry filtersThese filters allow or force traffic to go to a set of destination ports based on aframe's source MAC address, destination MAC address, or both source and destina-tion MAC addresses in flow bridging mode. Static entries are always configured andapplied at the input port.• Secure port filtersA secure filter shuts down access to the SSR based on MAC addresses. All packetsreceived by a port are dropped. When combined with static entries, however, thesefilters can be used to drop all received traffic but allow some frames to go through.Configure 802.1Q VLAN trunks. vlan make
PreviousNext |