Riverstone Networks WICT1-12 Network Router User Manual


 
25-14 Riverstone Networks RS Switch Router User Guide Release 8.0
Layer-4 Bridging and Filtering Security Configuration
25.4.2 Placing the Ports on the Same VLAN
Once you have created a VLAN for the ports to be used in layer-4 bridging, you add those ports to the VLAN. To add
ports to a VLAN, enter the following command in Configure mode:

    Add ports to a VLAN.        vlan add ports <port-list> to <vlan-name>

To add the ports in the example in Figure 25-2 to the blue VLAN, you would enter the following command:

    rs(config)# vlan add ports et.1.1,et.1.2,et.1.3 to blue

25.4.3 Enabling Layer-4 Bridging on the VLAN
After adding the ports to the VLAN, you enable Layer-4 Bridging on the VLAN. To do this, enter the following
command in Configure mode:

    Enable Layer 4 bridging.    vlan enable l4-bridging on <vlan-name>

For example, to enable Layer-4 Bridging on the blue VLAN:

    rs(config)# vlan enable l4-bridging on blue

25.4.4 Creating ACLs to Specify Selection Criteria for Layer-4 Bridging
Access control lists (ACLs) specify the kind of filtering to be done for Layer-4 Bridging.
In the example in Figure 25-2, to allow the consultants access to the file server for e-mail (SMTP) traffic, but not for
Web (HTTP) traffic — and allow e-mail, Web, and FTP traffic between the engineers and the file server, you would
create ACLs that allow only SMTP traffic on the port to which the consultants are connected and allow SMTP, HTTP,
and FTP traffic on the ports to which the engineers are connected.
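
The filtering intent described in section 25.4.4 can be checked as a small model before it is written as ACLs. This is an added example, not part of the Riverstone manual and not RS CLI syntax; the port roles (et.1.1 for consultants, et.1.2 for engineers), the first-match and implicit-deny evaluation, and the names Rule, permit, evaluate, policy_matrix and violations are assumptions made for illustration.

```python
from typing import NamedTuple

# Well-known TCP destination ports; FTP is 21 (control) plus 20 (active-mode data).
# Passive-mode FTP data uses ephemeral ports that a static port list cannot cover.
SERVICES = {"smtp": {25}, "http": {80}, "ftp": {20, 21}}

class Rule(NamedTuple):
    action: str           # "permit" or "deny"
    proto: str            # "tcp", "udp" or "any"
    dst_ports: frozenset  # empty set matches every destination port

    def matches(self, proto, dst_port):
        return (self.proto in ("any", proto)
                and (not self.dst_ports or dst_port in self.dst_ports))

def permit(*services):
    """One TCP permit rule per named service."""
    return [Rule("permit", "tcp", frozenset(SERVICES[s])) for s in services]

# Assumed port roles (Figure 25-2 is not reproduced here). Only client-to-server
# traffic entering each port is modelled.
PORT_ACLS = {
    "et.1.1": permit("smtp"),                 # consultants (assumption)
    "et.1.2": permit("smtp", "http", "ftp"),  # engineers (assumption)
}

def evaluate(port, proto, dst_port):
    """First matching rule wins; falling off the end denies (assumed semantics)."""
    for rule in PORT_ACLS[port]:
        if rule.matches(proto, dst_port):
            return rule.action
    return "deny"

def policy_matrix():
    """True where every port of a service is permitted on that switch port."""
    return {(port, svc): all(evaluate(port, "tcp", p) == "permit" for p in ports)
            for port in PORT_ACLS for svc, ports in SERVICES.items()}

def violations(intent):
    """(port, service) pairs whose modelled decision differs from the intent."""
    matrix = policy_matrix()
    return sorted(key for key, want in intent.items() if matrix[key] != want)

if __name__ == "__main__":
    for (port, svc), allowed in sorted(policy_matrix().items()):
        print(f"{port:7} {svc:5} {'permit' if allowed else 'deny'}")
```

Passing the stated intent to violations() returns an empty list when the modelled rules match it, and names the (port, service) pairs that differ otherwise.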