Specifications

Features
6 Enterasys Xpedition 2000 Getting Started Guide
IPX Routing
The XP-2000 supports the following IPX routing protocols:
IPX RIP a version of the Routing Information Protocol (RIP) tailored for IPX
IPX SAP the Service Advertisement Protocol, which allows hosts attached to an IPX
network to reach printers, file servers, and other services
By default, IPX routing is enabled on the XP-2000 when an IPX interface is created.
Layer-4 Switching
In addition to Layer-2 bridging and Layer-3 routing, the XP-2000 performs Layer-4
switching. Layer-4 switching is based on applications and flows.
Layer-4 applications The XP-2000 understands the application for which an IP or IPX
packet contains data and therefore enables you to manage and control traffic on an
application basis. For IP traffic, the XP-2000 looks at the packets TCP or UDP port
number to determine the application. For IPX packets, the XP-2000 looks at the
destination socket to determine the application.
Layer-4 flows The XP-2000 can store Layer-4 flows in each expansion module. A
Layer-4 flow consists of the source and destination addresses in the IP or IPX packet
combined with the TCP or UDP source and destination port number (for IP) or the
source and destination socket (for IPX). You can therefore manage and control
individual flows between hosts on an individual application basis.
A single host can have many individual Layer-4 entries in the XP-2000. For example, an IP
host might have separate Layer-4 application entries for email, FTP, HTTP, and so on, or
separate Layer-4 flow entries for specific email destinations and for specific FTP and Web
connections.
Security
The bridging, routing, and application (Layer-2, Layer-3, and Layer-4) support described
in previous sections enables you to implement security filters that meet the specific needs
of your organization. You can implement the following types of filters to secure traffic on
the XP-2000:
Layer-2 source filters (block bridge traffic based on source MAC address)
Layer-2 destination filters (block bridge traffic based on destination MAC address)
Layer-2 flow filters (block bridge traffic based on specific source-destination pairs)
Layer-3 source filters (block IP or IPX traffic based on source IP or IPX address)
Layer-3 destination filters (block IP or IPX traffic based on destination IP or IPX
address)