Name: Cisco Catalyst 3560-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

1-7

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-25303-03

Chapter 1 Configuring Port-Based Traffic Control

Configuring Port Blocking

Protected Port Configuration Guidelines

You can configure protected ports on a physical interface (for example, Gigabit Ethernet port 1) or an

EtherChannel group (for example, port-channel 5). When you enable protected ports for a port channel,

it is enabled for all ports in the port-channel group.

Do not configure a private-VLAN port as a protected port. Do not configure a protected port as a

private-VLAN port. A private-VLAN isolated port does not forward traffic to other isolated ports or

community ports. For more information about private VLANs, see Chapter 1, “Configuring Private

VLANs.”

Configuring a Protected Port

Beginning in privileged EXEC mode, follow these steps to define a port as a protected port:

To disable protected port, use the no switchport protected interface configuration command.

This example shows how to configure a port as a protected port:

Switch# configure terminal

Switch(config)# interface gigabitethernet1/0/1

Switch(config-if)# switchport protected

Switch(config-if)# end

Configuring Port Blocking

By default, the switch floods packets with unknown destination MAC addresses out of all ports. If

unknown unicast and multicast traffic is forwarded to a protected port, there could be security issues. To

prevent unknown unicast or multicast traffic from being forwarded from one port to another, you can

block a port (protected or nonprotected) from flooding unknown unicast or multicast packets to other

ports.

Note With multicast traffic, the port blocking feature blocks only pure Layer 2 packets. Multicast packets that

contain IPv4 or IPv6 information in the header are not blocked.

• Default Port Blocking Configuration, page 1-8

• Blocking Flooded Traffic on an Interface, page 1-8

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

interface interface-id Specify the interface to be configured, and enter interface

configuration mode.

Step 3

switchport protected Configure the interface to be a protected port.

Step 4

end Return to privileged EXEC mode.

Step 5

show interfaces interface-id switchport Verify your entries.

Step 6

copy running-config startup-config (Optional) Save your entries in the configuration file.

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General

Enclosure Type	Rack-mountable - 1U
Subtype	Gigabit Ethernet
Ports	48 x 10/100/1000 + 4 x SFP
Flash Memory	64 MB
Power Device	Internal power supply
Voltage Required	AC 120/230 V (50/60 Hz)
Operating System	Cisco IOS
Device Type	Switch
Performance	Switching capacity: 128 Gbps
Jumbo Frame Support	Yes
Routing Protocol	RIP-1, RIP-2, EIGRP
Remote Management Protocol	SNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
Features	DHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant Standards	IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
Stacking	Stackable
Security Features	SSH, RADIUS, TACACS+
Management	CLI
Dimensions (H x W x D)	17.5 in
Operating Temperature	32 to 113 °F (0 to 45 °C)
Humidity	10 - 95% (non-condensing)