Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsComputer equipment8/80
21222324252627282930
ServerIron Switching and Routing Guide
2 - 14 © 2012 Brocade Communications Systems, Inc. May 2012
The show vlan command displays a separate row for dual-mode ports on each VLAN. For example:
MAC Filters
The following sections describe how to configure MAC filters for Layer 2 operations.
Configuring Filters for Layer 2 Filtering
A MAC filter enables you to explicitly permit or deny switching of a Layer 2 packet received by the Brocade device.
When the device receives a Layer 2 packet for switching, the device checks the packet’s contents against the
defined MAC filters. If the packet matches a filter, the system takes the action specified in the filter.
If the action is permit, the system allows the packet to be switched.
If the action is deny, the system immediately drops the packet.
To ensure security, if a packet does not match any of the MAC filters defined on the system, the system drops the
packet by default. To configure the system to permit packets by default, you must define the last MAC filter in the
filter list to allow all packets.
MAC filters can evaluate packets based on criteria such as source address and mask, destination address and
mask, and protocol type (IP, ARP, and so on).
NOTE: You cannot use Layer 2 filters to filter Layer 4 information. To filter Layer 4 information, use IP filters.
NOTE: You cannot use Layer 2 filters to filter Layer 4 information. To filter Layer 4 information, use ACLs.The
standard and extended ACLs described in that chapter are supported on the ServerIron.
To define filters for Layer 2 filtering on MAC addresses, enter commands such as the following:
ServerIron(config)#mac filter 1 deny 3565.3475.3676 ffff.0000.0000 any etype eq 806
ServerIron(config)#mac filter 1024 permit any any
ServerIron(config)#int e 1/1
ServerIron(config)#show vlan
Total PORT-VLAN entries: 3
Maximum PORT-VLAN entries: 16
legend: [S=Slot]
PORT-VLAN 1, Name DEFAULT-VLAN, Priority level0, Spanning tree Off
Untagged Ports: (S1) 1 2 3 4 5 6 7 8
Untagged Ports: (S2) 1 2 3 4 5 6 7 8 12 13 14 15 16 17 18 19
Untagged Ports: (S2) 20 21 22 23 24
Tagged Ports: None
Uplink Ports: None
DualMode Ports: None
PORT-VLAN 10, Name [None], Priority level0, Spanning tree Off
Untagged Ports: (S2) 10
Tagged Ports: None
Uplink Ports: None
DualMode Ports: (S2) 11
PORT-VLAN 20, Name [None], Priority level0, Spanning tree Off
Untagged Ports: None
Tagged Ports: (S2) 9
Uplink Ports: None
DualMode Ports: (S2) 11