Configuration Guide Port-based Flow Control Configuration
Protected Port
Overview
In some application environments, some ports are not required to communicate with each other on a
device. In such case, frame forwarding is not allowed between the protected ports, no mattter the
frames are unicast frames, broadcast frames or multicast frames. To achieve this purpose, you can
set some ports as protected ports.
Once ports are set as protected ports, they cannot communicate with each other. However, protected
ports can still communicate with unprotected ports.
There are two protected port modes: one is to block layer 2 forwarding between protected ports but
allow layer 3 routing; the other is to block layer 2 forwarding and layer 3 routing between protected
ports. The first mode is by default when both modes are supported.
When you set two protected ports as a SPAN port pair, the frames transmitted or received by the
source port of SPAN are sent to the destination port of SPAN according to the SPAN setting.
Therefore, it is not recommended to set the destination port of SPAN as the protected port (and you
can also save system resources by doing so).
The device supports setting the Aggregated Port as the protected port. Once you do that, all the
member ports of the Aggregated Port will be set as the protected port.
Configuring the Protected Port
Set one port as the protected port:
You can reset a port as unprotected port with the no switchport protected command in the interface
configuration mode.
The following example describes how to set the Gigabitethernet 0/3 as the protected port.
Ruijie# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Ruijie(config)# interface gigabitethernet 0/3
Ruijie(config-if)# switchport protected
Ruijie(config-if)# end
Showing Protected Port Configuration