Port Isolation
The Port Isolation feature blocks accidental and intentional
inter-communication between different customers residing on different physical ports. This
feature provides a much simpler blocking mechanism without the use of
ACL hardware. The fundamental requirements are as follows:
- Blocking Rules: All traffic types received on an isolation port are
blocked from being forwarded through other isolation ports.
- All traffic types received on an isolation port can be forwarded to any
other (non-isolation) port.
- All traffic types received on non-isolation ports are permitted to be
forwarded to isolation ports.
No access-list hardware is used. The blocking mechanism is a set of one
or two table memories. These resources are not shared with other features, nor do they have any
scaling limits that can be reached by configuring this feature. Port isolation can be configured
in conjunction with other features, including VPLS, IDM, and XNV.
However, you cannot configure a mirror-to port to be an isolated port.
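The following added example (not vendor code and not part of the original documentation) models the three blocking rules and the mirror-to restriction in Python, so a planned configuration can be audited for customer ports that can still reach each other. The port numbers, the port roles and the function names are constructed for illustration.

```python
# Added illustration: a model of the forwarding rules above, not switch code.
from itertools import combinations


def may_forward(ingress, egress, isolated):
    """Apply the three blocking rules to one ingress/egress port pair."""
    if ingress == egress:
        return False  # a frame is never sent back out its ingress port
    # Only isolation -> isolation is blocked; every other pairing is allowed.
    return not (ingress in isolated and egress in isolated)


def flood_set(ingress, vlan_ports, isolated):
    """Ports that receive a broadcast or unknown-unicast frame from ingress."""
    return {p for p in vlan_ports if may_forward(ingress, p, isolated)}


def audit(customer_ports, isolated, mirror_to):
    """Return (invalid_ports, exposed_pairs) for a planned configuration.

    invalid_ports: mirror-to ports that are also marked isolated (not allowed).
    exposed_pairs: customer port pairs that can still exchange frames
    directly because at least one of the two ports is not isolated.
    """
    invalid = sorted(set(isolated) & set(mirror_to))
    exposed = [
        (a, b)
        for a, b in combinations(sorted(customer_ports), 2)
        if may_forward(a, b, isolated)  # the rule is symmetric in a and b
    ]
    return invalid, exposed


# Constructed plan: ports 1-4 face customers, 24 is the uplink, 23 is mirror-to.
CUSTOMER = {1, 2, 3, 4}
ISOLATED = {1, 2, 3, 23}  # port 4 was forgotten; 23 must not be isolated
MIRROR_TO = {23}
VLAN = CUSTOMER | {24}

if __name__ == "__main__":
    print("flood from 1: ", sorted(flood_set(1, VLAN, ISOLATED)))
    print("flood from 24:", sorted(flood_set(24, VLAN, ISOLATED)))
    print("audit:        ", audit(CUSTOMER, ISOLATED, MIRROR_TO))
```

In this plan the single unisolated customer port (4) can exchange frames with every isolated customer port, because the block applies only when both the ingress and the egress port are isolation ports.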