Configuring Port Isolation
To configure Port Isolation, use the following steps:
- Configure the isolated ports. In this example, ports 1 and 2:
CLI (network-admin@Leaf1) > port-config-modify port 1,2 no-local-switching
- Optionally, configure the port link state association. A port association is required to match the link state of downlink isolated ports with the one of uplink ports. When all uplink ports are down, downlink isolated ports are administratively disabled until one of the uplinks becomes operational again. In this example, the port association name is PA, uplink (master), ports value is 64, and isolated downlink (slave) ports value are 1, 2.
CLI (network-admin@Leaf1) > port-association-create-name PA master-ports 64 slave-ports 1,2 policy any-master
- Optionally, disable ARP and ND optimization.
CLI (network-admin@Leaf1) > system-settings-modify no-optimize-arps
CLI (network-admin@Leaf1) > system-settings-modify no-optimize-nd
This feature uses the command no-local-switching for the port-config-modify command. To configure one or more isolated ports:
CLI (network-admin@Leaf1) > port-config-modify port port-list no-local-switching
To view ports that are impacted by the no-local-switching command, use the port-egress-show command:
|
switch ------ |
port ---- |
egress ------ |
rx-only ------- |
active-active-vlags ------------ |
loopback -------- |
mir-prevent-out ------------ |
no-local-switching-out ------------- |
|
1 |
0-72 |
none |
none |
none |
none |
none |
none |
|
2 |
0-72 |
none |
none |
none |
none |
none |
none |
|
3 |
0-72 |
none |
none |
none |
none |
none |
none |
|
4 |
0-72 |
none |
none |
none |
none |
none |
none |
|
5 |
0-4,11-72 |
none |
none |
none |
none |
none |
5-10 |
|
6 |
0-4,11-72 |
none |
none |
none |
none |
none |
5-10 |
|
7 |
0-4,11-72 |
none |
none |
none |
none |
none |
5-10 |
|
8 |
0-4,11-72 |
none |
none |
none |
none |
none |
5-10 |
The following Port Isolation options for the trunk-create, trunk-modify, and trunk-show commands are as follows:
CLI (network-admin@Leaf1) > trunk-create
|
trunk-create |
Create a trunk configuration for link aggregation |
|
One or more of the following options: |
|
|
local-switching|no-local-switching |
Specify no-local-switching if you do not want the port to bridge traffic to another no-local-switching port. |
CLI (network-admin@Leaf1) > trunk-modify
|
trunk-modify |
Modify a trunk configuration for link aggregation |
|
One or more of the following options: |
|
|
reflect|noreflect |
Specify if physical port reflection is enabled or not. |
CLI (network-admin@Leaf1) > trunk-show
|
trunk-show |
Display trunk configuration |
|
One or more of the following options: |
|
|
reflect|noreflect |
Displays if physical port reflection is enabled or not. |