Port Isolation Configuration; Introduction To Port Isolation; Configuring An Isolation Group - H3C S5120-SI series Configuration Manual

Port isolation configuration

This chapter includes these sections:

Introduction to port isolation

•

Configuring an isolation group

•
Displaying and maintaining isolation groups
•
• Port isolation configuration example
Introduction to port isolation
Usually, Layer 2 traffic isolation is achieved by assigning ports to different VLANs. To save VLAN
resources, port isolation is introduced to isolate ports within a VLAN, allowing for great flexibility and
security.
Currently:
S5120-SI Switch Series supports multiple isolation groups which can be configured manually. These
•
devices are referred to as multiple-isolation-group devices.
There is no restriction on the number of ports assigned to an isolation group.
•
Within the same VLAN, Layer 2 data transmission between ports within and outside the isolation
•
group is supported.
Configuring an isolation group
Follow these steps to configure an isolation group:
To do...
Enter system view
Create an isolation group
Enter interface
view, or port
group view
Use the command...
system-view
port-isolate group group-number
Enter
Ethernet interface interface-type
interface interface-number
view
Enter Layer 2
aggregate interface bridge-aggregation
interface interface-number
view
Enter port
port-group manual port-group-name
group view
42
Remarks
—
Required
Required
Use one of the commands.
•
In Ethernet interface view, the
subsequent configurations
apply to the current port
•
In Layer 2 aggregate interface
view, the subsequent
configurations apply to the
Layer 2 aggregate interface
and all its member ports.
•
In port group view, the
subsequent configurations
apply to all ports in the port
group.