1 port isolation configuration, Port isolation overview, Port isolation configuration – H3C Technologies H3C S3600 Series Switches User Manual
Page 187
1-1
1
Port Isolation Configuration
When configuring port isolation, go to these sections for information you are interested in:
z
z
z
Displaying and Maintaining Port Isolation Configuration
z
Port Isolation Configuration Example
Port Isolation Overview
The port isolation feature is used to secure and add privacy to the data traffic and prevent
malicious attackers from obtaining the user information. With the port isolation feature, you
can add the ports to be controlled into an isolation group to isolate the Layer 2 and Layer
3 data between each port in the isolation group (a port in an isolation group does not
forward traffic to the other ports in the isolation group).
The ports in an isolation group must reside on the same switch or different units of an IRF
fabric.
z
Currently, you can create only one isolation group on an S3600 series Ethernet switch.
The number of Ethernet ports in an isolation group is not limited.
z
An isolation group only isolates the member ports in it.
Port Isolation Configuration
You can perform the following operations to add an Ethernet port to an isolation group, thus
isolating Layer 2 and Layer 3 data among the ports in the isolation group.
Follow these steps to configure port isolation:
To do …
Use the command …
Remarks
Enter system view
system-view
—
Enter Ethernet port view
interface interface-type
interface-number
—
Add the Ethernet port to the
isolation group
port isolate
Required
By default, an isolation
group contains no port.