Monitoring Protected Ports
Table 31: Commands for Displaying Protected Port Settings
PurposeCommand
Displays the administrative and operational status of all
switching (nonrouting) ports or the specified port, including
port blocking and port protection settings.
show interfaces [interface-id] switchport
Where to Go Next
•
Information About Port Blocking
Port Blocking
By default, the switch floods packets with unknown destination MAC addresses out of all ports. If unknown
unicast and multicast traffic is forwarded to a protected port, there could be security issues. To prevent unknown
unicast or multicast traffic from being forwarded from one port to another, you can block a port (protected or
nonprotected) from flooding unknown unicast or multicast packets to other ports.
With multicast traffic, the port blocking feature blocks only pure Layer 2 packets. Multicast packets that
contain IPv4 or IPv6 information in the header are not blocked.
Note
How to Configure Port Blocking
Blocking Flooded Traffic on an Interface
Before You Begin
The interface can be a physical interface or an EtherChannel group. When you block multicast or unicast
traffic for a port channel, it is blocked on all ports in the port-channel group.
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
OL-29434-01 333
Configuring Port-Based Traffic Control
Monitoring Protected Ports
To Next Page
Loading...
