Basic Node
3.7.2 Ethernet Switch functionality
The NPU3 B contains a non-blocking Gigabit Ethernet switch with nine Gigabit
ports: two are available on the front and the other seven are used via
the backplane.
The switch is a managed VLAN switch (IEEE 802.1Q and IEEE 802.1D) and
is hardware prepared for provider bridge switching (IEEE 802.1ad).
The Ethernet LAN ports on the NPU3 B have interfaces that support
auto-negotiation of speed (10/100/1000 Mbit/s) and duplex mode (full/half). The
interfaces are physically RJ45 connectors.
3.7.2.1 Security
The NPU3 B supports:
• White lists - A white list based on source MAC addresses can provide port
access control at the network edge.
• Storm protection - The bridge includes filters to prevent broadcast and
multicast storms.
• Port blocking - Prevent forwarding of frames from a given ingress port to
one or more egress ports.
• Frame admittance - It is possible to block or admit the following frame types
at the network edge:
  - Q-Tagged (priority bits/VID set in Q-tag)
  - Priority tagged (only priority bits set in Q-tag)
  - Untagged (no Q-tag)
  Other/unrecognized frame types (e.g. S-tags) are discarded at the network
  edge.
• MAC address limiting per port - It is possible to limit the MAC address
table per port to prevent external devices/networks from flooding the customer
network with MAC addresses.
• Optional VLAN ID tagging per port
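The frame admittance and white list checks above can be modelled in software to test edge-port policy against captured or constructed frames. The following is an added example, not code from the NPU3 B or its vendor: the function names are hypothetical, the TPID values are the standard IEEE 802.1Q (0x8100) and IEEE 802.1ad (0x88A8) ones, and the order of the checks (frame type first, then source MAC) is an assumption.

```python
import struct

TPID_CTAG = 0x8100  # IEEE 802.1Q Q-tag
TPID_STAG = 0x88A8  # IEEE 802.1ad S-tag, treated as "other" at the edge

def classify(frame: bytes):
    """Return (frame_type, src_mac, priority_bits, vid) for a raw Ethernet frame."""
    if len(frame) < 14:                       # shorter than dst + src + type
        return ("other", None, None, None)
    src = ":".join(f"{b:02x}" for b in frame[6:12])
    (etype,) = struct.unpack_from("!H", frame, 12)
    if etype == TPID_STAG:
        return ("other", src, None, None)
    if etype != TPID_CTAG:
        return ("untagged", src, None, None)
    if len(frame) < 18:                       # Q-tag TPID present but tag truncated
        return ("other", src, None, None)
    (tci,) = struct.unpack_from("!H", frame, 14)
    pcp, vid = tci >> 13, tci & 0x0FFF        # 3 priority bits, 12-bit VID
    return ("q-tagged" if vid else "priority-tagged", src, pcp, vid)

def admit(frame: bytes, allowed_types, whitelist=None):
    """Apply the per-port frame admittance rule, then the source MAC white list."""
    ftype, src, _pcp, _vid = classify(frame)
    if ftype == "other" or ftype not in allowed_types:
        return (False, f"frame type '{ftype}' not admitted")
    if whitelist is not None and src not in whitelist:
        return (False, f"source MAC {src} not in white list")
    return (True, ftype)

def make_frame(src: str, after_src: bytes) -> bytes:
    """Build a constructed test frame: broadcast dst + src + tag/type + padding."""
    return b"\xff" * 6 + bytes.fromhex(src.replace(":", "")) + after_src + b"\x00" * 46

# Constructed sample frames (locally administered MACs, not from a real capture)
KNOWN, UNKNOWN = "02:00:00:00:00:01", "02:00:00:00:00:99"
Q_TAGGED = make_frame(KNOWN, struct.pack("!HHH", TPID_CTAG, (5 << 13) | 100, 0x0800))
PRIO_TAGGED = make_frame(KNOWN, struct.pack("!HHH", TPID_CTAG, 5 << 13, 0x0800))
UNTAGGED = make_frame(UNKNOWN, struct.pack("!H", 0x0800))
S_TAGGED = make_frame(KNOWN, struct.pack("!HHH", TPID_STAG, 200, 0x0800))

if __name__ == "__main__":
    # Hypothetical edge port: only Q-tagged frames, from one white-listed station
    for name, f in [("q", Q_TAGGED), ("prio", PRIO_TAGGED),
                    ("untagged", UNTAGGED), ("s-tag", S_TAGGED)]:
        print(name, classify(f)[0], admit(f, {"q-tagged"}, {KNOWN}))
```
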
3.7.2.2 Class of Service
The Class of Service (CoS) value for a frame is a representation of the end
user application, such as voice and best effort data. The CoS value is set
in the priority bits in the Ethernet header. A frame’s CoS is typically defined
at the network edge. The priority bits are set based on whether the port is
trusted/tagged or not. The following options are supported:
• DSCP value in IP header
12/221 02-CSH 109 32/1-V1 Uen A 2008-03-14