Chapter 5
Setup and Configuration
RUGGEDCOM ROX II
User Guide
Layer 3 switch ASICs are somewhat limited in how switching rules can be defined. These limitations do not allow
configuring arbitrary firewall rules directly in the Layer 3 switch hardware. For sophisticated firewall rules, the
firewall has to be implemented in software, and the Layer 3 switch must not switch traffic that is subject to firewall
processing.
Whenever a change is made to the firewall configuration, some of the dynamically learned Layer 3 switching
rules might conflict with the new firewall configuration. To resolve potential conflicts, dynamically learned Layer
3 switching rules are flushed upon any changes to the firewall configuration. The dynamically learned Layer 3
switching rules then have to be re-learned while the new firewall rules are applied.
For statically configured Layer 3 switching rules, take care to avoid conflicts between Layer 3 switching and the
firewall. Static Layer 3 switching rules always take precedence. Therefore, you must
thoroughly examine the switch configuration for potential conflicts with the firewall. For more information about
firewalls, refer to Section 5.17, “Managing Firewalls”.
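The following is an added example, not part of the user guide, showing one way to examine static Layer 3 switching rules for conflicts with the firewall. The StaticL3Rule and FirewallRule records and all addresses are hypothetical and constructed for illustration; they are not ROX II configuration syntax, and firewall rule ordering is not modelled.

```python
# Added example: audit static Layer 3 switching rules against firewall rules.
# Record layouts and sample data are constructed, not ROX II export syntax.
from ipaddress import ip_network
from typing import NamedTuple


class StaticL3Rule(NamedTuple):  # hypothetical model of a static switching rule
    name: str
    src: str
    dst: str


class FirewallRule(NamedTuple):  # hypothetical model of a software firewall rule
    name: str
    src: str
    dst: str
    action: str  # "accept", "drop" or "reject"


def find_conflicts(static_rules, firewall_rules):
    """Return (static, firewall, severity) for every overlapping rule pair.

    Any overlap means traffic the firewall is meant to process would be
    switched in hardware instead, because static rules take precedence.
    "bypass": the overlapping firewall rule drops or rejects that traffic.
    "uninspected": the firewall rule accepts it, but never gets to see it.
    """
    conflicts = []
    for s in static_rules:
        s_src, s_dst = ip_network(s.src), ip_network(s.dst)
        for f in firewall_rules:
            if s_src.overlaps(ip_network(f.src)) and s_dst.overlaps(ip_network(f.dst)):
                severity = "bypass" if f.action in ("drop", "reject") else "uninspected"
                conflicts.append((s.name, f.name, severity))
    return conflicts


STATIC = [  # constructed sample data
    StaticL3Rule("scada-to-hist", "10.10.0.0/16", "10.20.5.0/24"),
    StaticL3Rule("eng-to-plc", "10.30.1.0/24", "10.40.0.0/16"),
]
FIREWALL = [  # constructed sample data
    FirewallRule("block-rtu-hist", "10.10.7.0/24", "10.20.5.10/32", "drop"),
    FirewallRule("allow-eng-web", "10.30.0.0/16", "192.168.0.0/16", "accept"),
    FirewallRule("allow-eng-plc", "10.30.1.0/24", "10.40.2.0/24", "accept"),
]

if __name__ == "__main__":
    for static, fw, severity in find_conflicts(STATIC, FIREWALL):
        print(f"{severity:12} static rule {static!r} overlaps firewall rule {fw!r}")
```

Each "bypass" result marks a static rule to narrow or remove before the firewall configuration is relied on; each "uninspected" result marks traffic the firewall will not see or log.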
Section 5.31.2
Configuring Layer 3 Switching
To configure Layer 3 switching, do the following:
NOTE
When hardware acceleration is used and learning mode is set to flow-oriented, fragmented IP packets
cannot be forwarded. To overcome this limitation, if it is known there will be a significant number of
fragmented packets, set learning mode to host-oriented.
1. Change the mode to Edit Private or Edit Exclusive.
2. Navigate to switch » layer3-switching. The Layer 3 Switching form appears.
Figure 790: Layer 3 Switching Form
Figure legend: 1. Unicast Mode List; 2. Multicast Mode List; 3. Learn Mode List; 4. Aging Time (sec) Box