• To ensure that protocol separation is done only for switch initiated traffic where the application acts as client, only the destinationTCP/UDP port is compared and not the source TCP/UDP port. The source TCP/UDP port becomes a known port number when thebox acts as server.• TFTP is an exception to the preceding logic.• For TFTP, data transfer is initiated on port 69, but the data transfer ports are chosen independently by the sender and receiver duringinitialization of the connection. The ports are chosen at random according to the parameters of the networking stack, typically from therange of temporary ports.• If route lookup in EIS routing table succeeds, the application-specific packet count is incremented. This counter is viewed using theshow management application pkt-cntr command. This counter is cleared using clear management applicationpkt-cntr command.• If the route lookup in the EIS routing table fails or if management port is down, then packets are dropped. The application-specificcount of the dropped packets is incremented and is viewed using the show management application pkt-drop-cntrcommand. This counter is cleared using clear management application pkt-drop-cntr command.• Packets whose destination TCP/UDP port does not match a configured management application, take the regular route lookup flow inthe IP stack.• In the ARP layer, for all ARP packets received through the management interface, a double route lookup is done, one in the defaultrouting table and another in the management EIS routing table. This is because in the ARP layer, we do not have TCP/UDP portinformation to decide the table in which the route lookup should be done.• The show arp command is enhanced to show the routing table type for the ARP entry.• For the clear arp-cache command, upon receiving the ARP delete request, the route corresponding to the destination IP isidentified. The ARP entries learned in the management EIS routing table are also cleared.• Therefore, a separate control over clearing the ARP entries learned via routes in the EIS table is not present. If the ARP entry for adestination is cleared in the default routing table, then if an ARP entry for the destination exists in the EIS table, that entry is alsocleared.• Because fallback support is removed, if the management port is down or the route lookup in EIS table fails packets are dropped.Therefore, switch-initiated traffic sessions that used to work previously via fallback may not work now.Handling of Switch-Destined Traffic• The switch processes all traffic received on the management port destined to the management port IP address or the front-end portdestined to the front-end IP address.• If the source TCP/UDP port number matches a configured EIS or non-EIS management application and the source IP address is amanagement Port IP address, then the EIS route lookup is done for the response traffic and hence is sent out of the management port.In this case, the source IP address is a management port IP address only if the traffic was originally destined to the management portIP.• ICMP-based applications like ping and traceroute are exceptions to the preceding logic since we do not have TCP/UDP port number.So if source IP address of the packet matches the management port IP address EIS route lookup is done.• Management application packet counter is incremented if EIS route lookup succeeds and packet is sent out of the management port.• If route lookup in the EIS routing table fails or if the management port is down, then packets are dropped. The management applicationdrop counter is incremented.• Whenever IP address is assigned to the management port, it is stored in a global variable in the IP stack, which is used for comparisonwith the source IP address of the packet.• Rest of the response traffic is handled as per existing behavior by doing route lookup in the default routing table. So if the traffic isdestined to the front-end port IP address, the response is sent out by doing a route lookup in the default routing table, which is anexisting behavior.Consider a sample topology in which ip1 is an address assigned to the management port and ip2 is an address assigned to any of the frontpanel port. A and B are end users on the management and front-panel port networks. The OS-initiated traffic for management applicationsInternet Group Management Protocol (IGMP) 367