| General Security Measures
C
25
HAPTER
Port-based Traffic Segmentation
traffic-segmentation
uplink-to-uplink
A downlink port can only communicate with an uplink port in the same
◆
session. Therefore, if an uplink port is not configured for a session, the
assigned downlink ports will not be able to communicate with any other
ports.
If a downlink port is not configured for the session, the assigned uplink
◆
ports will operate as normal ports.
E
XAMPLE
This example enables traffic segmentation, and then sets port 10 as the
uplink and ports 5-8 as downlinks.
Console(config)#traffic-segmentation
Console(config)#traffic-segmentation uplink ethernet 1/10
downlink ethernet 1/5-8
Console(config)#
This command specifies whether or not traffic can be forwarded between
uplink ports assigned to different client sessions. Use the no form to
restore the default.
S
YNTAX
[no] traffic-segmentation uplink-to-uplink {blocking |
forwarding}
blocking – Blocks traffic between uplink ports assigned to different
sessions.
forwarding – Forwards traffic between uplink ports assigned to
different sessions.
D
S
EFAULT
ETTING
Blocking
C
M
OMMAND
ODE
Global Configuration
E
XAMPLE
This example enables forwarding of traffic between uplink ports assigned to
different client sessions.
Console(config)#traffic-segmentation uplink-to-uplink forwarding
Console(config)#
– 966 –