Table of Contents
Advertisement
A trunk group can consist of two to four ports, and up to 8 ports on a Chassis device. You can configure up to 64
trunk groups on a Chassis device, and up to four trunk groups on all Stackable devices except the TurboIron/4.
The TurboIron/4 allows up to three trunk groups.
NOTE: The TurboIron/4 supports up to three trunk groups.
For configuration information, see "Configuring Trunk Groups" on page 10-41.
Port-Based Virtual LANs (VLANs)
By default, all ports in a Foundry device belong to a common Layer 2 broadcast domain. When the device sends
a Layer 2 broadcast packet, the packet goes out all active ports. A port-based VLAN (Virtual LAN) is a subset of
ports on a Foundry device that constitutes a Layer 2 broadcast domain.
Port-based VLANs can reduce the likelihood and severity of broadcast storms by reducing the number of ports
affected by a storm. In addition, for devices such as servers that can cause broadcast storms, you can add static
MAC entries for the devices and assign the static entries to a VLAN.
By default, each port-based VLAN maintains a separate spanning tree. You can override this behavior and
configure the device to use the same spanning tree for all VLAN ports if desired. See "Single Spanning Tree" on
page 12-19.
For VLAN configuration information, see "Configuring Virtual LANs (VLANs)" on page 25-1.
VLAN Tagging
Foundry switches support 802.1q VLAN tagging. VLAN tagging is a method of identifying a packet as a member
of a VLAN. VLAN tagging enables you to configure ports on multiple switches into a single VLAN. Using tagged
VLANs can ease network management and ensures interoperability with other devices.
When a switch sends a packet that is a member of a tagged VLAN, the switch "tags" the packet to indicate its
VLAN membership. Other switches that support VLAN tagging recognize the tag and process the packet
according to its VLAN membership.
For more information, see "Configuring Virtual LANs (VLANs)" on page 25-1.
MAC Filters
A MAC filter enables you to explicitly permit or deny switching of a Layer 2 packet received by the Foundry
device. When the device receives a Layer 2 packet for switching, the device checks the packet's contents against
the defined MAC filters. If the packet matches a filter, the system takes the action specified in the filter.
•
If the action is permit, the system allows the packet to be switched.
•
If the action is deny, the system immediately drops the packet.
To ensure security, if a packet does not match any of the MAC filters defined on the system, the system drops the
packet by default. To configure the system to permit packets by default, you must define the last MAC filter in the
filter list to allow all packets.
MAC filters can evaluate packets based on criteria such as source address and mask, destination address and
mask, and protocol type (IP, ARP, and so on).
See "Defining MAC Address Filters" on page 10-61 for information on configuring MAC filters.
Address-Lock Filters
An address-lock filter restricts the number of MAC addresses that a Layer 2 Switch can learn from a specific
port. After the Layer 2 Switch learns the specified number of MAC addresses from the port, it stops learning
addresses received on that port. In addition, the Layer 2 Switch does not accept or forward traffic on the port
unless the traffic contains one of the source or destination MAC addresses locked for the port.
Address-lock filters apply only to Layer 2 traffic and do not affect Layer 3 or Layer 4 traffic on the locked ports.
Unlike addresses learned from other ports, addresses learned from a locked port are not subject to aging.
December 2000
Software Overview
8 - 17
- Quick Links:
- Configuring Ip Addresses
Hide quick links:
Advertisement
Chapters
Table of Contents
