Allied Telesis 2.6.1 manual Virtual Local Area Networks VLANs


AT-8800 Series Switch User Guide

Table 9: Example output from the SHOW SWITCH PORT INTRUSION command.

Switch Port Information

----------------------------------------------------------------------------

Port 2 - 13 intrusion(s) detected

00-00-c0-1d-2c-f8 00-90-27-87-a5-22 00-00-cd-01-00-4a 00-d0-b7-4d-93-c0 08-00-5a-a1-02-3f 00-d0-b7-d5-5f-a9 00-b0-d0-20-d1-01 00-90-99-0a-00-49 00-10-83-05-72-83 00-00-cd-00-45-9e 00-00-c0-ad-a3-d0 00-a0-24-8e-65-3c 00-90-27-32-ad-61

----------------------------------------------------------------------------

A switch port can be manually locked before it reaches the learning limit, by using the command:

ACTIVATE SWITCH PORT={port-list|ALL} LOCK

Addresses can be manually added to a port locked list up to a total of 256 MAC addresses, and the learning limit can be extended to accommodate them, by using the command:

ADD SWITCH FILTER ACTION={FORWARD|DISCARD} DESTADDRESS=macadd
PORT=port [ENTRY=entry] [LEARN] [VLAN={vlanname|1..4094}]

Learned addresses on locked ports can be saved as part of the switch configuration, so that they will be part of the configuration after a power cycle, using the command:

CREATE CONFIG=filename

If the configuration is not saved when there is a locked list for a port, the learning process begins again after the switch is restarted.
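
Before any address is added to a locked list, the intrusion table for the port needs to be compared against the devices expected there. The following added example (not part of the User Guide) parses captured SHOW SWITCH PORT INTRUSION output laid out as in Table 9 and flags addresses missing from a device inventory. The sample capture and inventory are constructed, and two things are assumptions: that multi-port output repeats the "Port N - M intrusion(s) detected" header for each port, and that the reported count equals the number of distinct addresses listed.

```python
import re

# Layout taken from Table 9; a repeated header per port is an assumption.
PORT_RE = re.compile(r"^\s*Port\s+(\d+)\s+-\s+(\d+)\s+intrusion\(s\)\s+detected", re.I)
MAC_RE = re.compile(r"\b(?:[0-9a-f]{2}-){5}[0-9a-f]{2}\b", re.I)

def parse_intrusions(text):
    """Return {port: {"reported": count from header, "macs": unique MACs in order}}."""
    ports, current = {}, None
    for line in text.splitlines():
        header = PORT_RE.match(line)
        if header:
            current = int(header.group(1))
            ports[current] = {"reported": int(header.group(2)), "macs": []}
        elif current is not None:
            for mac in MAC_RE.findall(line):
                mac = mac.lower()
                if mac not in ports[current]["macs"]:
                    ports[current]["macs"].append(mac)
    return ports

def review(ports, approved):
    """List (port, finding, detail) tuples that need an operator's attention."""
    findings = []
    for port, info in sorted(ports.items()):
        unknown = [m for m in info["macs"] if m not in approved]
        if unknown:
            findings.append((port, "unapproved", unknown))
        # Assumption: header count == distinct addresses; a gap hints at a truncated capture.
        if info["reported"] != len(info["macs"]):
            findings.append((port, "count-mismatch", [info["reported"], len(info["macs"])]))
    return findings

# Constructed sample capture (addresses from the IANA documentation range).
SAMPLE = """Switch Port Information
----------------------------------------------------------------------------
Port 2 - 3 intrusion(s) detected
00-00-5e-00-53-01 00-00-5e-00-53-02
00-00-5E-00-53-03
----------------------------------------------------------------------------
Port 5 - 2 intrusion(s) detected
00-00-5e-00-53-0a
----------------------------------------------------------------------------
"""
APPROVED = {"00-00-5e-00-53-01", "00-00-5e-00-53-0a"}  # constructed inventory

if __name__ == "__main__":
    for port, finding, detail in review(parse_intrusions(SAMPLE), APPROVED):
        print(f"port {port}: {finding}: {detail}")
```
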

Virtual Local Area Networks (VLANs)

A Virtual LAN (VLAN) is a logical, software-defined subnetwork. It allows similar devices on the network to be grouped together into one broadcast domain, irrespective of their physical position in the network. Multiple VLANs can be used to group workstations, servers, and other network equipment connected to the switch, according to similar data and security requirements.

Decoupling logical broadcast domains from the physical wiring topology offers several advantages, including the ability to:

Move devices and people with minimal, or no, reconfiguration

Change a device’s broadcast domain and access to resources without physically moving the device, by software reconfiguration or by moving its cable from one switch port to another

Isolate parts of the network from other parts, by placing them in different VLANs

Share servers and other network resources without losing data isolation or security

Direct broadcast traffic to only those devices which need to receive it, to reduce traffic across the network

Connect 802.1Q-compatible switches together through one port on each switch

Software Release 2.6.1 C613-02039-00 REV A
