Filter
Top Products
7-8
Advanced Concepts
Filters and Security
Advanced Concepts
Filters and Security
To enhance the switch’s bandwidth usage and in-band security, configure per-
port filters to forward desired traffic or drop unwanted traffic, as described
below. The switch can support up to 50 filters.
Table 7-1. Filter Types and Criteria
Multicast Filters. This filter type enables the switch to send multicast
traffic to a specified set of destination ports. This helps to preserve bandwidth
by reducing multicast traffic on ports where it is unnecessary, and to isolate
multicast traffic to enhance security.
Note IP multicast addresses occur in the range from 224.0.0.0 through
239.255.255.255. When IGMP is enabled, any Traffic/Security filters configured
with a “Multicast” filter type and a “Multicast Address” within the above range
are disabled and an event log message indicating this action is logged . That
is, IGMP will control the IP multicast traffic flow and the Traffic/Security filter
will control any multicast traffic that is not IP multicast. (Multicast addresses
are entered in the “Traffic/Security Filters” screen as Ethernet addresses in
the range of 01005e-000000 through 01995e-7fffff.)
If Spanning Tree is enabled, then the Spanning Tree multicast MAC address
should not be filtered. (STP will not operate properly if the multicast MAC
address is filtered.)
Filter Type Selection Criteria
Multicast Traffic having a specified multicast address will be forwarded or
dropped on a per-port (destination) basis.
Protocol Traffic having the selected frame (protocol) type will be forwarded or
dropped on a per-port (destination) basis.
Source Port Traffic from a designated source port will be forwarded or dropped on
a per-port (destination) basis within the same VLAN.
Source MAC Traffic from a specified source MAC address and coming through a
particular source port will be forwarded or dropped on a per-port
(destination) basis within the same VLAN.
SEDONA.BK : sed_7.fm5 Page 8 Thursday, February 27, 1997 10:11 AM