Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility Access Point System Reference Guide

319

53-1003100-01

5

FIGURE 167

Device Overrides - Add Network Bridge VLAN screen

If adding a new bridge VLAN configuration, use the spinner control to define or override a VLAN ID
from 1 - 4094. This value must be defined and saved before the General tab can become enabled
and the remainder of the settings defined.

If creating a new Bridge VLAN, provide a Description (up to 64 characters) unique to the VLAN’s
specific configuration to help differentiate it from other VLANs with similar configurations.

Select the Per VLAN Firewall option to enable firewall on this interface. Firewalls, generally, are
configured for all interfaces on a device. When configured, firewalls generate a large amount of
flow tables that store information on the traffic that is allowed to traverse through the firewall.
These flow tables occupy a large portion of the limited memory on the device that could be used for
other critical purposes. With the Per VLAN firewall feature enabled on an interface, flow tables are
only generated for that interface, Flow tables are not generated for those interfaces where this
feature is not enabled. This frees up memory that can be used for other purposes.

Firewall can be switched off for those interfaces which are known to carry trusted traffic and only
enabled on the interfaces that can provide a vector for an attack on the network.

Select the L2 Tunnel Broadcast Optimization option to prevent flooding of ARP packets on this
bridge interface.

Broadcast optimization prevents flooding of ARP packets over the virtual interface. Based on the
learned information, ARP packets are filtered.