29-11
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 29 Configuring Port-Based Traffic Control
How to Configure Port-Based Traffic Control
Configuring Port Blocking

Blocking Flooded Traffic on an Interface

Note The interface can be a physical interface or an EtherChannel group. When you block multicas t or unicast
traffic for a port channel, it is blocked on all ports in the port-channel group.
Configuring Port SecurityEnabling and Configuring Port Security
Step 3 switchport protected Configures the interface to be a protected port.
Step 4 end Returns to privileged EXEC mode.
Command Purpose
Step 1 configure terminal Enters global configuration mode.
Step 2 interface interface-id Specifies the interface to be configured, and enters interface
configuration mode.
Step 3 switchport block multicast Blocks unknown multicast forwarding out of the port.
Note Only pure Layer 2 multicast traffic is blocked. Multicast
packets that contain IPv4 or IPv6 information in the
header are not blocked.
Step 4 switchport block unicast Blocks unknown unicast forwarding out of the port.
Step 5 end Returns to privileged EXEC mode.
Command Purpose
Step 1 configure terminal Enters global configuration mode.
Step 2 interface interface-id Specifies the interface to be configured, and enters interface configuration
mode.
Step 3 switchport mode {access | trunk}Sets the interface switchport mode as access or trunk. An interface in the
default mode (dynamic auto) cannot be configured as a se cure port.
Step 4 switchport voice vlan vlan-id Enables voice VLAN on a port.
vlan-id—Specifies the VLAN to be used for voice traffic.
Step 5 switchport port-security Enables port security on the interface.
Command Purpose