The Port Isolation feature blocks accidental and intentional inter-communication between different customers residing on different physical ports. This feature provides a much simpler blocking mechanism without the use of ACL hardware. The fundamental requirements are as follows:
- Blocking Rules: All traffic types received on a isolation port is blocked from being forwarded through other ‘isolation‘ ports.
- All traffic types received on an isolation port can be forwarded to any other port.
- All traffic types received on non-isolation ports are permitted to be forwarded to isolation ports.
There is no access-list hardware use. The blocking mechanism is a set of one or two table memories. These resources are not shared with other features, nor do they have any scaling limits that can be reached by configuring this feature. Port isolation can be configured in conjunction with other features, including VPLS, IDM, and XNV. However, you cannot configure a mirror-to port to be an isolated port.