Table of Contents
Advertisement
| VLAN Commands
C
40
HAPTER
Configuring VLAN Interfaces
switchport
ingress-filtering
If a VLAN on the forbidden list for an interface is manually added to
◆
that interface, the VLAN is automatically removed from the forbidden
list for that interface.
E
XAMPLE
The following example shows how to add VLANs 1, 2, 5 and 6 to the
allowed list as tagged VLANs for port 1:
Console(config)#interface ethernet 1/1
Console(config-if)#switchport allowed vlan add 1,2,5,6 tagged
Console(config-if)#
This command enables ingress filtering for an interface. Use the no form to
restore the default.
S
YNTAX
[no] switchport ingress-filtering
D
S
EFAULT
ETTING
Disabled
C
M
OMMAND
ODE
Interface Configuration (Ethernet, Port Channel)
C
U
OMMAND
SAGE
Ingress filtering only affects tagged frames.
◆
If ingress filtering is disabled and a port receives frames tagged for
◆
VLANs for which it is not a member, these frames will be flooded to all
other ports (except for those VLANs explicitly forbidden on this port).
If ingress filtering is enabled and a port receives frames tagged for
◆
VLANs for which it is not a member, these frames will be discarded.
Ingress filtering does not affect VLAN independent BPDU frames, such
◆
as GVRP or STA. However, they do affect VLAN dependent BPDU
frames, such as GMRP.
E
XAMPLE
The following example shows how to set the interface to port 1 and then
enable ingress filtering:
Console(config)#interface ethernet 1/1
Console(config-if)#switchport ingress-filtering
Console(config-if)#
– 1348 –
Advertisement
Chapters
Table of Contents
