Chapter 8
| General Security Measures
Port-based Traffic Segmentation
– 265 –
Command Mode
Global Configuration
Note:
This switch cannot trap packets where both the source port and destination
port are set to zero.
Example
Console(config)#flow tcp-udp-port-zero forward
Console(config)#
show flow This command shows the action taken against attacks which set the Layer 4 source
or destination port to zero.
Command Mode
Privileged Exec
Example
Console#show flow
TCP/UDP port-zero action : drop
Console#
Port-based Traffic Segmentation
If tighter security is required for passing traffic from different clients through downlink ports
on the local network and over uplink ports to the service provider, port-based traffic
segmentation can be used to isolate traffic for individual clients.
Table 54: Commands for Configuring Traffic Segmentation
Command Function Mode
traffic-segmentation Enables and configures traffic segmentation GC
show traffic-segmentation Displays the configured traffic segments PE
To Next Page
Loading...
