C
HAPTER
34
| VLAN Commands
Configuring Port-based Traffic Segmentation
– 800 –
Console(config-if)#interface ethernet 1/2
Console(config-if)#switchport dot1q-tunnel mode uplink
Console(config-if)#end
Console#show dot1q-tunnel
Current double-tagged status of the system is Enabled
The dot1q-tunnel mode of the set interface 1/1 is Access mode, TPID is 0x8100.
The dot1q-tunnel mode of the set interface 1/2 is Uplink mode, TPID is 0x8100.
The dot1q-tunnel mode of the set interface 1/3 is Normal mode, TPID is 0x8100.
.
.
.
RELATED COMMANDS
switchport dot1q-tunnel mode (798)
CONFIGURING PORT-BASED TRAFFIC SEGMENTATION
If tighter security is required for passing traffic from different clients
through downlink ports on the local network and over uplink ports to the
service provider, port-based traffic segmentation can be used to isolate
traffic for individual clients.
traffic-segmentation This command enables traffic segmentation globally, or configures the
uplink and down-link ports for a segmented group of ports. Use the no
form to disable traffic segmentation globally.
SYNTAX
[no] traffic-segmentation [uplink interface-list
downlink interface-list]
uplink – Specifies an uplink interface.
downlink – Specifies a downlink interface.
DEFAULT SETTING
Disabled globally
No segmented port groups are defined.
COMMAND MODE
Global Configuration
COMMAND USAGE
◆ Traffic segmentation provides port-based security and isolation
between ports within the VLAN. Data traffic on the downlink ports can
Table 109: Commands for Configuring Traffic Segmentation
Command Function Mode
traffic-segmentation Enables and configures traffic segmentation GC
show traffic-
segmentation
Displays the configured traffic segments PE
To Next Page
Loading...
