Configuring Transparent Bridging

Transparent and SRT Bridging Configuration Task List

Setting Filters at the MAC Layer, page 46

Filtering LAT Service Announcements, page 51

Note When setting up administrative filtering, remember that there is virtually no performance penalty in filtering by Media Access Control (MAC) address or vendor code, but there can be a significant performance penalty when filtering by protocol type.

When configuring transparent bridging access control, keep the following points in mind:

You can assign only one access list to an interface.

The conditions in the access list are applied to all outgoing packets not sourced by the Cisco IOS software.

Access lists are scanned in the order you enter them; the first match is used.

An implicit deny everything entry is automatically defined at the end of an access list unless you include an explicit permit everything entry at the end of the list.

All new entries to an existing list are placed at the end of the list. You cannot add an entry to the middle of a list. This means that if you have previously included an explicit permit everything entry, new entries will never be scanned. The solution is to delete the access list and retype it with the new entries.

You can create extended access lists to specify more detailed filters, such as address match only.

You should not use extended access lists on FDDI interfaces doing transit bridging as opposed to translational bridging.

Configuring bridging access lists of type 700 may cause a momentary interruption of traffic flow.

For more information on access lists, refer to the “Traffic Filtering and Firewalls” chapter of the Cisco IOS Security Configuration Guide.

Setting Filters at the MAC Layer

You can filter transmission of frames at the MAC layer by performing tasks in one of the following sections:

Filtering by Specific MAC Address

Filtering by Vendor Code

Filtering by Protocol Type

When filtering by a MAC-layer address, you can use two kinds of access lists: standard access lists that specify a simple address, and extended access lists that specify two addresses. You can also further restrict access by creating filters for these lists. After you have completed one of the preceding tasks, perform the task in the following section:

Defining and Applying Extended Access Lists

Note MAC addresses on Ethernets are “bit swapped” when compared with MAC addresses on TokenRing and FDDI. For example, address 0110.2222.3333 on Ethernet is 8008.4444.CCCC on Token Ring and FDDI. Access lists always use the canonical Ethernet representation. When using different media and building access lists to filter on MAC addresses, keep this point in mind. Note that when a bridged packet traverses a serial link, it has an Ethernet-style address.

Cisco IOS Bridging and IBM Networking Configuration Guide

BC-46

Page 23 Page 25
Page 24
Image 24
Cisco Systems BC-23 manual Setting Filters at the MAC Layer, BC-46
Page 23 Page 25

BC-23 specifications

Cisco Systems has long been a leader in the networking industry, and its BC-23 model exemplifies the company's commitment to innovation and performance. Aimed at enhancing business operations, the BC-23 is tailored for organizations looking for robust solutions that support their digital transformation efforts.

One of the standout features of the Cisco BC-23 is its advanced networking capabilities. It supports high-speed data transmission, enabling seamless communication across networks. With multi-gigabit Ethernet ports, the BC-23 facilitates faster data rates, accommodating the increasing bandwidth demands of modern applications. This feature is particularly beneficial for businesses that rely heavily on cloud services, video conferencing, and data-heavy applications.

Security is a top priority, and the Cisco BC-23 incorporates cutting-edge security measures. Integrated threat detection and prevention systems help safeguard sensitive data from cyber threats. Additionally, the device supports secure access protocols, ensuring that only authorized users can connect to the network. This multi-layered security approach not only protects the network infrastructure but also secures the integrity of the data being transmitted.

Another significant characteristic of the BC-23 is its support for software-defined networking (SDN). This technology allows businesses to manage their networks through centralized software applications, facilitating real-time adjustments and optimizations. The flexibility afforded by SDN is especially advantageous in dynamic environments where network demands can shift rapidly.

The Cisco BC-23 also offers enhanced management features, allowing IT teams to monitor network performance and analytics effectively. This visibility into network operations enables organizations to identify potential issues before they escalate, minimizing downtime and keeping business processes smooth.

Furthermore, the BC-23 is designed for scalability. As organizations grow, their networking needs evolve, and the BC-23 can easily adapt to these changes. Businesses can add additional devices and capabilities without the need for a complete overhaul of their existing infrastructure.

With its combination of speed, security, and scalability, the Cisco Systems BC-23 is an invaluable asset for modern businesses. It stands out not just as a networking device but as a comprehensive solution that meets the demands of today's fast-paced, technology-driven environment. As companies continue to leverage digital tools for growth and efficiency, the BC-23 will undoubtedly play a significant role in their success.
Top Page Image Contents