IBM 8260 Switch User Manual


 
11.8.6 Destination Address Filtering
Destination address filtering allows you to use the contents of the filtering
database to forward or discard frames. Destination address filtering is always
performed by the Multiprotocol Interconnect module. However, certain
configurable parameters as described below will affect the operation of the
destination address filtering:
If the port is operating in normal mode and the destination address of the
frame is found in the filtering database, the packet is bridged according to
the
disposition
specified for that MAC address (other filters permitting).
If the port is operating in normal mode and the destination address of the
frame is not found in the filtering database, the frame is sent on all the other
ports (flooded) enabled for transparent bridging (other filters permitting).
When a packet is received and the port is operating in security mode, if no
static/permanent entry is found in the filtering database for the destination
address of the frame, the packet is discarded. If a static/permanent entry is
found, the frame will be forwarded (other filters permitting).
11.8.6.1 Source Address Filtering
Source address filtering allows you to specify the stations from which frames will
be bridged. Source address filtering may be enabled/disabled for each port
using the
Transparent Bridging Port Parameters
and the
Source Routing Port
Parameters
panels.
If source address filtering is enabled, when a packet is received, the module
searches the filtering database for the source address. If it is present (it must be
permanent or static) and address disposition is the receiving port, then the
packet will be forwarded (other filters permitting). Otherwise, the packet is
discarded. This ensures that only the frames from predefined MAC addresses
and on predefined networks will be able to communicate through the bridge.
Also, source address filtering, combined with security mode, allows you to
forward only the traffic between predefined stations and on predefined networks.
11.8.6.2 Broadcast/Multicast Filtering
When the port is operating in security mode, all the broadcast/multicast frames
will be discarded. However, by setting
Broadcast/Multicast Filtering
on the
secure port to
Always Accept Multicast
, all broadcast and multicast traffic will be
accepted from that port and forwarded to all the other ports.
Note that in normal mode with the default disposition of
flood
, the
broadcast/multicast traffic is forwarded regardless of the setting of this filter.
11.8.6.3 Custom Filtering
This facility allows a number of custom tests to be applied to the received traffic
to determine if the frame should be forwarded or discarded. This facility is
offered on a per port basis; that is, you can perform different tests on different
ports, and is applied after the standard destination address filtering (and source
address filtering if enabled). Therefore, packets discarded during the destination
address filtering (and source address filtering) are not subject to custom filtering.
To perform custom filtering, you must perform the following:
1. Define all the tests that you may want to be applied to the received frames
by the Multiprotocol Interconnect module. This is done by creating a
Custom
274 8260 Multiprotocol Intelligent Switching Hub