Table of Contents
Advertisement
Configuring Protocol Filtering
This chapter describes how to configure protocol filtering on Ethernet, Fast Ethernet, and Gigabit
Ethernet ports on the Catalyst enterprise LAN switches. The configuration tasks in this chapter apply to
Ethernet, Fast Ethernet, and Gigabit Ethernet switch ports on switching modules and fixed-configuration
switches, as well as to supervisor engine Fast and Gigabit Ethernet uplink ports.
Note
For complete syntax and usage information for the commands used in this chapter, refer to the Command
Reference—Catalyst 4000 Family, Catalyst 2948G, and Catalyst 2980G Switches.
This chapter consists of these sections:
•
•
•
Understanding How Protocol Filtering Works
Protocol filtering prevents certain protocol traffic from being forwarded out switch ports. Broadcast and
unicast flood traffic is filtered based on the membership of ports in different protocol groups. This
filtering is in addition to the filtering provided by port-VLAN membership.
With protocol filtering enabled, ports are identified on a protocol basis. A port can be a member of one
or more of the protocol groups. Flood traffic for each protocol group is forwarded out a port only if that
port belongs to the appropriate protocol group.
Layer 2 protocols, such as Spanning Tree Protocol (STP) and Cisco Discovery Protocol (CDP), are not
affected by protocol filtering. Dynamic VLAN ports and ports that have port security enabled are
members of all protocol groups.
You can configure a port with any one of these modes for each protocol group: on, off, or auto. If the
configuration is set to on, the port receives all the flood traffic for that protocol. If the configuration is
set to off, the port does not receive any flood traffic for that protocol.
If the configuration is set to auto, a port becomes a member of the protocol group only after the device
connected to the port transmits packets of the specific protocol group. The switch detects the traffic, adds
the port to the protocol group, and begins forwarding flood traffic for that protocol group to that port.
Autoconfigured ports are removed from the protocol group if the attached device does not transmit
packets for that protocol within 60 minutes. Ports are also removed from the protocol group when the
supervisor engine detects that the link is down on the port.
78-12647-02
Understanding How Protocol Filtering Works, page 18-1
Default Protocol Filtering Configuration, page 18-2
Configuring Protocol Filtering, page 18-2
Software Configuration Guide—Catalyst 4000 Family, Catalyst 2948G, Catalyst 2980G, Releases 6.3 and 6.4
C H A P T E R
18
18-1
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
