General Switch Traffic Security Guideline - HP ProCurve Series 3400cl Release Notes

Procurve series

Hide thumbs Also See for ProCurve Series 3400cl:

Management manual (664 pages)

Management and configuration manual (508 pages)

Access security manual (404 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

page of 197

/ 197
Contents
Table of Contents
Bookmarks

Table of Contents

Clarifications and Updates

General Switch Traffic Security Guideline

Setting Fast-Leave and Forced Fast-Leave from the CLI. In earlier switch models, including

the 5300xl switches, fast-leave and forced fast-leave options for a port were configured with a lengthy

setmib command. The following commands now allow a port to be configured for fast-leave or forced

fast-leave operation with a conventional CLI command instead of the setmib command. Note that

these commands must be executed in a VLAN context.

Syntax: [no] ip igmp fastleave < port-list >

[no] ip igmp forcedfastleave < port-list >

To view a non-default IGMP forced fast-leave configuration on a VLAN, use the show running-config

command. (The show running-config output does not include forced fast-leave if it is set to the default

of 0.)

Note

In a future version of the 3400cl switch software, the show running-config command output will include

any non-default fast-leave settings configured. However, this information is not included in the output

for the M.08.53 software release.

IGMP Operating Notes.

■

On the Series 3400cl switches, the delayed group flush feature offers little additional benefit

over the IGMP data-driven feature (which is enabled by default).

Forced fast-leave can be used when there are multiple devices attached to a port.

■

General Switch Traffic Security Guideline

Where the switch is running multiple security options, it implements network traffic security based

on the OSI (Open Systems Interconnection model) precedence of the individual options, from the

lowest to the highest. The following list shows the order in which the switch implements configured

security features on traffic moving through a given port.

Disabled/Enabled physical port

MAC lockout (Applies to all ports on the switch.)

MAC lockdown

Enables IGMP fast-leaves on the specified ports in the selected VLAN. In the

Config context, use the VLAN specifier, for example, vlan < vid > ip igmp

fastleave < port-list >. The no form of the command disables IGMP fast-leave.

(Default: Enabled)

Forces IGMP Fast-Leaves on the specified ports in the selected VLAN, even

if they are cascaded. (Default: Disabled)

Table of Contents

This manual is also suitable for:

Procurve 3400cl-48g Procurve 6400cl-6xg Procurve 6410cl-6xg Procurve 3400cl-24g

General Switch Traffic Security Guideline - HP ProCurve Series 3400cl Release Notes

General Switch Traffic Security Guideline

Related Manuals for HP ProCurve Series 3400cl

Related Content for HP ProCurve Series 3400cl

This manual is also suitable for:

Table of Contents