Egress ports – Allied Telesis AT-S63 User Manual

Chapter 28: MAC Address-based VLANs

310

Section VI: Virtual LANs

Egress Ports

Implementing a MAC address-based VLAN involves more than entering
the MAC addresses of the end nodes that are members of the VLAN. You
must also designate the egress ports on the switch for the packets from
the nodes. The egress ports define the limits of flooding of packets when a
port receives a unicast packet with an unknown destination address (that
is, an address that has not been learned by the MAC address table).
Without knowing the egress ports, the switch would be forced to flood the
packets on all switch ports, and that could result in a security violation
where end nodes receive packets from other nodes that are in different
VLANs.

Table 89 illustrates a simple example of the mapping of addresses to
egress ports for a MAC address-based VLAN of 6 nodes. The example
consists of four workstations, a printer, and a server. For instance,
Workstation 1 is connected to port 1 on the switch and is mapped to
egress ports 5 for the server and 6 for the printer.

Obviously, mapping source MAC addresses to egress ports can become
cumbersome if you are dealing with a MAC address-based VLAN that
encompasses a large number of ports and nodes. Fortunately, the egress
ports of a VLAN are considered as a community and, as such, need only
be designated as an egress port of one address in the VLAN to be
considered an egress port of all the addresses.

For instance, referring to the previous example, if workstation 1 sends a
packet containing an unknown destination MAC address, the switch does
not flood the packet to just ports 5 and 6, even though those are the
designated egress ports for packets from workstation 1. Rather, it floods it
out all egress ports assigned to all the MAC addresses of the VLAN,
except, of course, the port where the packet was received. In the example
the switch would flood the packet out ports 2 through 6.

Table 89. Mappings of MAC Addresses to Egress Ports Example

MAC address

End Node

Switch Egress

Port

00:30:84:54:1A:45

Workstation 1 (Port 1)

5, 6

00:30:84:C3:5A:11

Workstation 2 (Port 2)

5, 6

00:30:84:22:67:17

Workstation 3 (Port 3)

5, 6

00:30:84:78:75:1C

Workstation 4 (Port 4)

5, 6

00:30:79:7A:11:10

Server (Port 5)

1-4

00:30:42:53:10:3A

Printer (Port 6)

1-4