1-1
1 Port Isolation Configuration
When configuring port isolation, go to these sections for information you are interested in:
z Introduction to Port Isolation
z Configuring the Isolation Group for a Single-Isolation-Group Device
z Displaying and Maintaining Isolation Groups
z Port Isolation Configuration Example
Introduction to Port Isolation
Usually, Layer 2 traffic isolation is achieved by assigning ports to different VLANs. To save VLAN
resources, port isolation is introduced to isolate ports within a VLAN, allowing for great flexibility and
security.
Currently:
z S5120-EI series Ethernet switches support only one isolation group that is created automatically by
the system as isolation group 1. These devices are referred to as single-isolation-group devices.
You can neither remove the isolation group nor create other isolation groups on such devices.
z There is no restriction on the number of ports assigned to an isolation group.
Configuring the Isolation Group for a Single-Isolation-Group Device
Assigning a Port to the Isolation Group
Follow these steps to add a port to the isolation group:
To do… Use the command… Remarks
Enter system view
system-view
—
Enter Ethernet
interface view
interface interface-type
interface-number
Enter Layer-2
aggregate
interface view
interface
bridge-aggregation
interface-number
Enter
interface
view or,
port group
view
Enter port
group view
port-group manual
port-group-name
Required
Use one of the commands.
z In Ethernet interface view, the
subsequent configurations apply to
the current port.
z In Layer-2 aggregate interface view,
the subsequent configurations apply
to the Layer-2 aggregate interface
and all its member ports.
z In port group view, the subsequent
configurations apply to all ports in the
port group.
Assign the port or ports to the
isolation group as an isolated
port or ports
port-isolate enable
Required
No ports are added to the isolation group
by default.
To Next Page
Loading...
Need help?
General