Cajun p120 functionality, Switched ports, Layer 2 security – Motorola CAJUN P120 User Manual
Page 17: Switched ports layer 2 security
Chapter 1
Overview
Cajun P120 User’s Guide
3
Cajun P120 Functionality
This section describes many of the functions that are supported by the Cajun P120
modules. For the default settings refer to the ”Default Settings” section.
Switched Ports
Switching provides high performance by confining traffic between any pair of ports
to a single path in the fabric, allowing other traffic to move on other paths. The
Cajun P120’s high performance is based on the internal high speed switching fabric
(and a separate control bus) that prevents blocking. The 24 internal ports and
expansion modules inserted into a Cajun P120 enclosure form a single switching
fabric that communicates over that internal high speed switching fabric.
A Cajun P120 switch is functionally equivalent to a standard IEEE 802.1D multi-
port bridge. It learns source MAC addresses on the fly and stores them, along with
the source port, in a large internal CAM. The efficient forwarding process is based
on the information in the CAM. The Cajun P120 can age CAM entries by erasing
the entries that have not been recently used.
Unicast frames that enter any switched port are stored and forwarded to the specific
destination port, thus providing a high-performance path through the switching
fabric. Unknown, Multicast/Broadcast frames are flooded to all ports in the same
VLAN to ensure that they arrive at the proper destination. Frames with errors are
discarded to prevent error flooding.
The Cajun P120 Ethernet ports are 10/100 Mbps auto-negotiating. The Cajun P120
expansion module ports are 10/100Base-TX, 100Base-FX, 1000Base-SX or
1000Base-LX.
Each port is an independent switched port and has the availability of the whole
media bandwidth. The ports are grouped internally. Frames whose source and
destination addresses are in the same group will stay local to that group, thus not
loading the switching fabric at all. The Cajun P120 forwards frames that are not
local to their proper destination through the switching fabric to the end stations, in
a mode transparent to the end stations.
Each port may be enabled or disabled by either management, the Spanning Tree
Algorithm (STA) - IEEE 802.1D, or due to the port partition state of the link.
Layer 2 Security
The security function detects packets of unknown origin, prevents them from
entering the switch, and alerts the Device Manager in case of such intrusion
attempts. Once a station is registered in a Secured port address table it cannot
communicate via any other port. However, if such a station does try to
communicate via another port, the management will not receive an intrusion
detection warning.