Filter
Top Products
DES-3326S Layer 3 Fast Ethernet Switch User’s Guide
58 Switch Management and Operating Concepts
same port as where it originated. This keeps local packets from
disrupting communications on other parts of the network.
For intrusion control, whenever a switch encounters a packet
originating from or destined to a MAC address or an IP Address
entered into the filter table, the switch will discard the packet.
Some filtering is done automatically by the switch:
• Dynamic filtering – automatic learning and aging of MAC
addresses and their location on the network. Filtering
occurs to keep local traffic confined to its segment.
• Filtering done by the Spanning Tree Protocol, which can
filter packets based on topology, making sure that signal
loops don’t occur.
• Filtering done for VLAN integrity. Packets from a member
of a VLAN (VLAN 2, for example) destined for a device on
another VLAN (VLAN 3) will be filtered.
Some filtering requires the manual entry of information
into a filtering table:
• MAC address filtering – the manual entry of specific MAC
addresses to be filtered from the network. Packets sent
from one manually entered MAC address can be filtered
from the network. The entry may be specified as either a
source, a destination, or both.
• IP address filtering – the manual entry of specific IP
addresses to be filtered from the network (switch must be
in IP Routing mode). Packets sent from one manually
entered IP address to another can be filtered from the
network. The entry may specified as either a source, a
destination, or both (switch must be in IP Routing mode).