
ARP and Port Isolation: Security Technology Summary on Huawei Equipment

2025-03-26 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

Security Technology 4: ARP

ARP (Address Resolution Protocol) is a TCP/IP protocol for obtaining physical addresses. After an ARP request for a node's IP address is broadcast on the network, the sender receives a reply confirming that node's physical address, so the packet can be sent. RARP (Reverse ARP) is often used by diskless workstations to obtain their logical IP address.

Security Technology 5: Port isolation

To isolate packets between ports, the ports can be added to different VLANs, but this wastes limited VLAN resources. With the port isolation feature, ports in the same VLAN can be isolated from each other. Users only need to add ports to an isolation group to achieve layer 2 data isolation between the ports in that group. The port isolation function gives users a more secure and flexible networking solution.

At present, some devices support only one isolation group (hereinafter referred to as a single isolation group). Isolation group 1 is created automatically by the system, and users cannot delete it or create other isolation groups. Other devices support multiple isolation groups (hereinafter referred to as multiple isolation groups), which can be configured manually. The number of isolation groups supported differs from device to device; refer to the actual device.

There is no limit to the number of ports that can be added to the isolation group.

The port isolation feature is independent of the VLAN to which a port belongs. For ports belonging to different VLANs, only layer 2 packets from an ordinary port to the uplink port of the same isolation group can pass, and only in that one direction; in all other cases the layer 2 data of the ports is isolated. For ports belonging to the same VLAN, isolate the interworking of layer 2 data between the ports within and outside the group.

Layer 2 and layer 3 switches currently use different technologies to support this.

[purpose of the experiment]

Implement port isolation on a layer 2 switch to isolate packets between ports

[experimental Topology]

[experimental configuration]

Switch

[Quidway] dis cu
#
sysname Quidway
#
radius scheme system
#
domain system
#
vlan 1
#
interface Aux1/0/0
#
interface Ethernet1/0/1
#
interface Ethernet1/0/2
#
interface Ethernet1/0/3
#
interface Ethernet1/0/4
#
interface Ethernet1/0/5
#
interface Ethernet1/0/6
#
interface Ethernet1/0/7
#
interface Ethernet1/0/8
#
interface Ethernet1/0/9
#
interface Ethernet1/0/10
 port isolate
#
interface Ethernet1/0/11
#
interface Ethernet1/0/12
#
interface Ethernet1/0/13
#
interface Ethernet1/0/14
#
interface Ethernet1/0/15
#
interface Ethernet1/0/16
#
interface Ethernet1/0/17
#
interface Ethernet1/0/18
#
interface Ethernet1/0/19
#
interface Ethernet1/0/20
 port isolate
#
interface Ethernet1/0/21
#
interface Ethernet1/0/22
#
interface Ethernet1/0/23
#
interface Ethernet1/0/24
#
interface NULL0
#
user-interface aux 0
user-interface vty 0 4
#
return

[experimental test]

Test one

Test two

Change the link interface of the port

[purpose of the experiment]

Implement port isolation on a layer 3 switch to isolate packets between ports

[experimental Topology]

[experimental configuration]

<Quidway> dis cu
#
sysname Quidway
#
radius scheme system
 server-type huawei
 primary authentication 127.0.0.1 1645
 primary accounting 127.0.0.1 1646
 user-name-format without-domain
domain system
 radius-scheme system
 access-limit disable
 state active
 idle-cut disable
domain default enable system
#
local-server nas-ip 127.0.0.1 key huawei
#
am enable
#
vlan 1
#
interface Aux0/0
#
interface Ethernet0/1
#
interface Ethernet0/2
#
interface Ethernet0/3
#
interface Ethernet0/4
#
interface Ethernet0/5
#
interface Ethernet0/6
#
interface Ethernet0/7
#
interface Ethernet0/8
#
interface Ethernet0/9
#
interface Ethernet0/10
 am isolate Ethernet0/20
#
interface Ethernet0/11
#
interface Ethernet0/12
#
interface Ethernet0/13
#
interface Ethernet0/14
#
interface Ethernet0/15
#
interface Ethernet0/16
#
interface Ethernet0/17
#
interface Ethernet0/18
#
interface Ethernet0/19
#
interface Ethernet0/20
 am isolate Ethernet0/10
#
interface Ethernet0/21
#
interface Ethernet0/22
#
interface Ethernet0/23
#
interface Ethernet0/24
#
interface NULL0
#
user-interface aux 0
user-interface vty 0 4
#
return

[experimental test]

Test one

Test two

Change the port number of the link
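An offline check for saved "dis cu" output from either experiment, as an added example that is not part of the original article or any Huawei tool: it lists the ports carrying "port isolate" and the "am isolate" pairs, then flags an isolation group with a single member and any "am isolate" entry without the reverse entry. The function names and sample text are hypothetical; only the one-port-per-line "am isolate" form shown above is handled, and treating a one-way entry as a finding is an assumption based on this article's configuration, which sets both directions.

```python
import re

# Constructed samples in the page's "dis cu" layout: layer 2 style ("port isolate")
# and layer 3 style ("am isolate <port>"). Ethernet0/5 is deliberately one-sided.
SAMPLE_L2 = """\
interface Ethernet1/0/10
 port isolate
#
interface Ethernet1/0/20
 port isolate
"""
SAMPLE_L3 = """\
interface Ethernet0/5
 am isolate Ethernet0/10
#
interface Ethernet0/10
 am isolate Ethernet0/20
#
interface Ethernet0/20
 am isolate Ethernet0/10
"""

def parse_isolation(config):
    """Return (isolation_group_members, am_isolate_pairs) from a config dump."""
    group, pairs, current = set(), set(), None
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"interface\s+(\S+)$", line, re.I)
        if m:
            current = m.group(1)
        elif line == "#":
            current = None          # "#" closes the current section
        elif current and line.lower() == "port isolate":
            group.add(current)
        elif current and line.lower().startswith("am isolate "):
            pairs.add((current, line.split()[2]))
    return group, pairs

def audit(config):
    """Flag an isolation group of one port and one-way am isolate entries."""
    group, pairs = parse_isolation(config)
    findings = []
    if len(group) == 1:
        findings.append(f"{min(group)}: only member of the isolation group")
    for src, dst in sorted(pairs):
        if (dst, src) not in pairs:
            findings.append(f"{src} -> {dst}: no matching entry on {dst}")
    return findings
```

Running audit() on a saved configuration before and after a change shows whether a port dropped out of the isolation group or lost its peer entry.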
