Cisco Systems BC-23 manual Setting Filters at the MAC Layer, BC-46

Page 24

Configuring Transparent Bridging

Transparent and SRT Bridging Configuration Task List

Setting Filters at the MAC Layer, page 46

Filtering LAT Service Announcements, page 51

Note When setting up administrative filtering, remember that there is virtually no performance penalty in filtering by Media Access Control (MAC) address or vendor code, but there can be a significant performance penalty when filtering by protocol type.

When configuring transparent bridging access control, keep the following points in mind:

You can assign only one access list to an interface.

The conditions in the access list are applied to all outgoing packets not sourced by the Cisco IOS software.

Access lists are scanned in the order you enter them; the first match is used.

An implicit deny everything entry is automatically defined at the end of an access list unless you include an explicit permit everything entry at the end of the list.

All new entries to an existing list are placed at the end of the list. You cannot add an entry to the middle of a list. This means that if you have previously included an explicit permit everything entry, new entries will never be scanned. The solution is to delete the access list and retype it with the new entries.

You can create extended access lists to specify more detailed filters, such as address match only.

You should not use extended access lists on FDDI interfaces doing transit bridging as opposed to translational bridging.

Configuring bridging access lists of type 700 may cause a momentary interruption of traffic flow.

For more information on access lists, refer to the “Traffic Filtering and Firewalls” chapter of the Cisco IOS Security Configuration Guide.

Setting Filters at the MAC Layer

You can filter transmission of frames at the MAC layer by performing tasks in one of the following sections:

Filtering by Specific MAC Address

Filtering by Vendor Code

Filtering by Protocol Type

When filtering by a MAC-layer address, you can use two kinds of access lists: standard access lists that specify a simple address, and extended access lists that specify two addresses. You can also further restrict access by creating filters for these lists. After you have completed one of the preceding tasks, perform the task in the following section:

Defining and Applying Extended Access Lists

Note MAC addresses on Ethernets are “bit swapped” when compared with MAC addresses on TokenRing and FDDI. For example, address 0110.2222.3333 on Ethernet is 8008.4444.CCCC on Token Ring and FDDI. Access lists always use the canonical Ethernet representation. When using different media and building access lists to filter on MAC addresses, keep this point in mind. Note that when a bridged packet traverses a serial link, it has an Ethernet-style address.

Cisco IOS Bridging and IBM Networking Configuration Guide

BC-46

Page 23 Page 25
Image 24
Page 23 Page 25
Contents Transparent and SRT Bridging BC-23Transparent Bridging Features Integrated Routing and BridgingBC-24 Bridge-Group Virtual Interface BC-25BC-26 Bridge-Group Virtual Interface in the RouterSRT Bridging Features Other ConsiderationsBC-27 Transparent and SRT Bridging Configuration Task List BC-28Configuring Transparent Bridging and SRT Bridging Assigning Each Network Interface to a Bridge GroupAs Ieee 802.1D standard, DEC or Vlan bridge BC-29Command Purpose Transparently Bridged VLANs for ISLChoosing the OUI for Ethernet Type II Frames BC-30BC-31 Transparently Bridged VLANs on an Fddi BackboneRouting between ISL VLANs BC-32Specifies a subinterface Subinterface with the VlanSame bridge group BC-33Configuring a Subscriber Bridge Group Configuring Transparent Bridging over WANsConfiguring Fast-Switched Transparent Bridging over ATM BC-34Configuring Transparent Bridging over DDR CommandDefining the Protocols to Bridge Specifying the Bridging ProtocolConfiguring Transparent Bridging over Frame Relay Determining Access for BridgingConfiguring an Interface for Bridging Fast-Switched Transparent BridgingConfiguring Transparent Bridging over Multiprotocol Lapb Bridging in a Frame Relay Network with No MulticastsBridging in a Frame Relay Network with Multicasts BC-37Configuring Transparent Bridging over Smds Configuring Transparent Bridging overSpecifies IP-to-X.121 mapping BC-38Configuring Concurrent Routing and Bridging Configuring Integrated Routing and BridgingSpecifies a protocol to be routed on a bridge group BC-39Configuring Interfaces Configuring the Bridge-Group Virtual InterfaceEnabling Integrated Routing and Bridging BC-40Configuring Protocols for Routing or Bridging BC-41Configuring Transparent Bridging Options Disabling IP RoutingBC-42 Configuring LAT Compression Enabling Autonomous BridgingBC-43 Establishing Multiple Spanning-Tree Domains Establishes a multiple spanning-tree domainBC-44 Configuring Bridge Table Aging Time Filtering Transparently Bridged PacketsForwarding Multicast Addresses BC-45Setting Filters at the MAC Layer BC-46Filters particular MAC-layer station addresses Filtering by Vendor CodeEthernet-ordered MAC address BC-47Filtering by Protocol Type TypeBC-48 Defining and Applying Extended Access Lists Configuration modeInterface BC-49BC-50 Filtering LAT Service Announcements Enabling LAT Group Code Service FilteringBC-51 Adjusting Spanning-Tree Parameters BC-52Setting the Bridge Priority Setting an Interface PriorityAdjusting Bpdu Intervals Assigning Path CostsAdjusting the Interval between Hello BPDUs Defining the Forward Delay IntervalDisabling the Spanning Tree on an Interface Defining the Maximum Idle IntervalBC-55 Configuring the PA-12E/2FE Port Adapter BC-56Monitoring and Maintaining the PA-12E/2FE Port Adapter BC-57BC-58 BC-59 Configuring Circuit Groups BC-60Configuring Constrained Multicast Flooding Configures a transmission pause intervalDistributes base load on the source MAC address only BC-61BC-62 Basic Bridging Example BC-63Concurrent Routing and Bridging Example BC-64Basic Integrated Routing and Bridging Example BC-65Complex Integrated Routing and Bridging Example BC-66Transparently Bridged VLANs Configuration Example BC-67Router One Router TwoBC-68 Router Three BC-69Routing between VLANs Configuration Example Ethernet-to-FDDI Transparent Bridging ExampleBC-70 Ethernet Bridging Example Router/Bridge in BuildingBC-71 SRT Bridging Example BC-72Configuration for the New York City Router Configuration for the Thule, Greenland RouterMulticast or Broadcast Packets Bridging Example BC-73Configuration for Bridge Transparent Bridging ExampleBC-74 Frame Relay Transparent Bridging Examples Bridging in a Frame Relay Network with No MulticastsBC-75 Transparent Bridging over Multiprotocol Lapb Example Bridging in a Frame Relay Network with MulticastsBC-76 Transparent Bridging over DDR Examples BC-77Fast-Switched Transparent Bridging over Smds Example Complex Transparent Bridging Network Topology ExampleBC-78 BC-79 Bridged Subnetworks with DomainsConfiguration for Router a BC-80Configuration for Router B Configuration for Router CConfiguration for Router D BC-81Fast Ethernet Subscriber Port, Frame Relay Trunk Example ATM Subscriber Ports, ATM Trunk ExampleBC-82 BC-83 Configuration of IRB for PA-12E/2FE Port Adapter Example BC-84

BC-23 specifications

Cisco Systems has long been a leader in the networking industry, and its BC-23 model exemplifies the company's commitment to innovation and performance. Aimed at enhancing business operations, the BC-23 is tailored for organizations looking for robust solutions that support their digital transformation efforts.

One of the standout features of the Cisco BC-23 is its advanced networking capabilities. It supports high-speed data transmission, enabling seamless communication across networks. With multi-gigabit Ethernet ports, the BC-23 facilitates faster data rates, accommodating the increasing bandwidth demands of modern applications. This feature is particularly beneficial for businesses that rely heavily on cloud services, video conferencing, and data-heavy applications.

Security is a top priority, and the Cisco BC-23 incorporates cutting-edge security measures. Integrated threat detection and prevention systems help safeguard sensitive data from cyber threats. Additionally, the device supports secure access protocols, ensuring that only authorized users can connect to the network. This multi-layered security approach not only protects the network infrastructure but also secures the integrity of the data being transmitted.

Another significant characteristic of the BC-23 is its support for software-defined networking (SDN). This technology allows businesses to manage their networks through centralized software applications, facilitating real-time adjustments and optimizations. The flexibility afforded by SDN is especially advantageous in dynamic environments where network demands can shift rapidly.

The Cisco BC-23 also offers enhanced management features, allowing IT teams to monitor network performance and analytics effectively. This visibility into network operations enables organizations to identify potential issues before they escalate, minimizing downtime and keeping business processes smooth.

Furthermore, the BC-23 is designed for scalability. As organizations grow, their networking needs evolve, and the BC-23 can easily adapt to these changes. Businesses can add additional devices and capabilities without the need for a complete overhaul of their existing infrastructure.

With its combination of speed, security, and scalability, the Cisco Systems BC-23 is an invaluable asset for modern businesses. It stands out not just as a networking device but as a comprehensive solution that meets the demands of today's fast-paced, technology-driven environment. As companies continue to leverage digital tools for growth and efficiency, the BC-23 will undoubtedly play a significant role in their success.
Top Page Image Contents