3 destination address filter, 2 port filters – Enterasys Networks Fast Network 10 User Manual

Chapter 5: FN10 Filters

Page 5-4

Fast Network 10 User Guide

5.1.3 Destination Address Filter

A destination address filter can be used to discard all traffic destined to a
specific MAC address. This type of filter is configured by setting a static
address entry for the MAC address and specifying

{null}

as the port

assignment. The port assigned by the static entry will take precedence
over the port learned by the FN10’s learning algorithm.

Destination address filters can be used to create virtual LANs. For
example, if you want users on Ports 1 and 2 to communicate with each
other, and users on Ports 3, 4, and 5 to communicate with each other, but
not allow cross traffic between the two groups, you could configure a
destination address filter for the broadcast address (i.e., ff:ff:ff:ff:ff:ff), as
follows:

•

Source Port 1, then forward to Port 2

•

Source Port 2, then forward to Port 1

•

Source Port 3, then forward to Ports 4 and 5

•

Source Port 4, then forward to Ports 3 and 5

•

Source Port 5, then forward to Ports 3 and 4

5.2 PORT FILTERS

In contrast to Bridge Address Table filters, which apply to traffic to or
from a particular MAC address, Port filters apply to traffic to or from a
specific port on the FN10.

Using any of the FN10

management tools, you can assign an Entry port

one of the following restrictions:

•

Filter all packets entering the port, except those from addresses defined
as static entries in the FN10 Bridge Address Table.

•

Treat all packets with identical source and destination addresses as
broadcasts.

•

Filter all packets that match all of the fields in the Port filter.