[c-nsp] VLAN MAP

Capron, Mathew mcapron at aimnetsolutions.com
Tue May 16 14:36:41 EDT 2006



A Vlan map and apply it using the VLAN filter command.  It can be
configured to allow or discard IP(L3) or MAC(L2) traffic between ports
within a VLAN.   I know this feature is available from the 3550 up.  I
am not sure about support for it below that.

Putting a Layer 3 ACL on the VLAN interface will not allow it out of the
VLAN but will still allow ports on the same VLAN to talk with different
addressing. 


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Peter Salanki
Sent: Tuesday, May 16, 2006 1:32 PM
To: Jeff Kell
Cc: cisco-nsp at puck.nether.net; Jared Mauch
Subject: Re: [c-nsp] VLAN MAP

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

3750 won't.
16 maj 2006 kl. 19.26 skrev Jeff Kell:

> Jared Mauch wrote:
>> 	Why not just use unicast-rpf?
>>
>> 	ip verify unicast ..
>
> Unless things have changed drastically, unicast-rpf has very  
> limited support in access layer switches.
> In the Catalyst line, the 6500/7600 will do it, I know the 29xx/ 
> 35xx/45xx will not (unless I missed an IOS update), don't know  
> about 37xx.
>
> Jeff
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

Sincerely

Peter Salanki
Chief Network Engineer
Bahnhof AB (AS8473)
www.bahnhof.se
Office: +46855577132
Cell: +46709174932


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)

iD8DBQFEagyFiQKhdiFGiogRAsiwAKCYZyVtmiPwLTmWrGR3dtJHewIREwCdExUy
+stFFkHsgl0bpZHSF6rOUt4=
=LsZE
-----END PGP SIGNATURE-----
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list