beautypg.com

Configuring port isolation, Assigning ports to the isolation group, Displaying and maintaining the isolation group – H3C Technologies H3C WX5500E Series Access Controllers User Manual

Page 63

background image

52

Configuring port isolation

Port isolation enables isolating Layer 2 traffic for data privacy and security without using VLANs. You can

also use this feature to isolate the hosts in a VLAN from one another.
The device supports only one isolation group that is created automatically by the system as isolation
group 1. You can neither remove the isolation group nor create other isolation groups on the device.
The number of ports assigned to the isolation group is not limited.
Within the same VLAN, Layer 2 data transmission between ports within and outside the isolation group

is supported.

Assigning ports to the isolation group

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter interface view or port
group view.

Enter Layer 2 Ethernet interface

view:
interface interface-type

interface-number

Enter Layer 2 aggregate

interface view:

interface bridge-aggregation

interface-number

Enter port group view:

port-group manual

port-group-name

Use one of the commands.

In Layer 2 Ethernet interface view,

configurations apply only to the

port.

In Layer 2 aggregate interface

view, configurations apply to the

Layer 2 aggregate interface and
all its member ports.

In port group view, configurations

apply to all ports in the port
group.

3.

Assign the ports to the
isolation group.

port-isolate enable

No ports are assigned to the isolation
group by default.

NOTE:

After you configure a command on a Layer 2 aggregate interface, the system starts applying the
configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on

the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to
do that on an aggregation member port, it simply skips the port and moves to the next port.

Displaying and maintaining the isolation group

Task Command

Remarks

Display isolation group information.

display port-isolate group [ | { begin |
exclude | include } regular-expression ]

Available in any view.

See also other documents in the category H3C Technologies Routers: