Configuring port isolation, Assigning ports to the isolation group, Displaying and maintaining the isolation group – H3C Technologies H3C WX5500E Series Access Controllers User Manual
Page 63
52
Configuring port isolation
Port isolation enables isolating Layer 2 traffic for data privacy and security without using VLANs. You can
also use this feature to isolate the hosts in a VLAN from one another.
The device supports only one isolation group that is created automatically by the system as isolation
group 1. You can neither remove the isolation group nor create other isolation groups on the device.
The number of ports assigned to the isolation group is not limited.
Within the same VLAN, Layer 2 data transmission between ports within and outside the isolation group
is supported.
Assigning ports to the isolation group
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter interface view or port
group view.
•
Enter Layer 2 Ethernet interface
view:
interface interface-type
interface-number
•
Enter Layer 2 aggregate
interface view:
interface bridge-aggregation
interface-number
•
Enter port group view:
port-group manual
port-group-name
Use one of the commands.
•
In Layer 2 Ethernet interface view,
configurations apply only to the
port.
•
In Layer 2 aggregate interface
view, configurations apply to the
Layer 2 aggregate interface and
all its member ports.
•
In port group view, configurations
apply to all ports in the port
group.
3.
Assign the ports to the
isolation group.
port-isolate enable
No ports are assigned to the isolation
group by default.
NOTE:
After you configure a command on a Layer 2 aggregate interface, the system starts applying the
configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on
the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to
do that on an aggregation member port, it simply skips the port and moves to the next port.
Displaying and maintaining the isolation group
Task Command
Remarks
Display isolation group information.
display port-isolate group [ | { begin |
exclude | include } regular-expression ]
Available in any view.