Shulou(Shulou.com)05/31 Report--

This article shows you how to apply the switch port isolation technology, which is concise and easy to understand, which will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

A company, due to business requirements, in order to ensure the high availability of the server, implemented the NLB clustering technology for the server. Everything has advantages and disadvantages, because NLB clusters generally use multicast technology in the actual environment, and the nodes under the same exit of the switch receive a large number of broadcasts, some users whose network delay requirements are small (such as network telephony, SMS group sending services) will be greatly affected. In the face of this situation, the first thing we think of is subnetting or VLAN, and the problem still exists after subnetting. At this time, we can only consider dividing VLAN, but because the devices connected to the IDC server node are almost not divided into VLAN, because the uplink switch of the server is generally owned by the user, and the switch in IDC is also marked with VLAN, the server's uplink switch needs to be configured with Trunk when configuring VLAN. Otherwise, it is impossible to communicate with the uplink equipment, because the user is not familiar with the network topology environment of the computer room, so there is no way to divide the VLAN. Is there no way to solve this situation? The answer is yes, that is port isolation technology.

Overview of Port isolation Technology

Port isolation technology is a technology that achieves sufficient isolation between the ports of a client to ensure that one client will not receive traffic from another. Through the port isolation technology, the user can add the ports that need to be controlled into an isolation group, and through the port isolation feature, the user can add the ports that need to be controlled to an isolation group to achieve the isolation of layer 2 data between the ports in the isolation group. after using the isolation technology, unicast, broadcast and multicast will not occur between the isolated ports, and viruses will not spread between isolated computers. Increased network security and improved network performance

Practical environmental application

OK, let's look at a practical application of port isolation (take H3C S2126-ei switch as an example)

Cause: a user often sends a large number of broadcasts, resulting in a serious decline in network performance

Prescription: Port isolation technology

The three servers are divided into three actual users, which are respectively connected to the

Sys

System View: return to User View with Ctrl+Z.

[H3C] interface Ethernet 1-0-1

[H3C-Ethernet1/0/1] port isolate / / set this port as an isolated port

[H3C-Ethernet1/0/1] quit

[H3C] interface Ethernet 1-0-2

[H3C-Ethernet1/0/2] port isolate / / set this port as an isolated port

[H3C-Ethernet1/0/2] quit

[H3C] interface Ethernet 1-0-3

[H3C-Ethernet1/0/3] port isolate / / set this port as an isolated port

[H3C-Ethernet1/0/3] quit

[H3C] save / / Save configuration

[H3C] display isolate port / / query the ports in the port isolation group

[H3C-Ethernet1/0/X] undo port isolate / / Delete an isolated port under a port

Note: Port isolation is different from VLAN

Application of Port isolation Technology of switches made by other manufacturers

Huawei

[Quidway] interface Ethernet1/0/1

[Quidway-Ethernet1/0/1] port-isolate enable / / enable this port isolation function

Cisco

Switch (config) # interface port number

Switch (config-if) # switchitchport protected / / enable port protection

Note: individual models of Cisco switches use PVLAN for port protection.

D-link

Config traffic_segmentation [] forward_list [null |]

Note: indicates which port is specified as the isolated port. Parameter null indicates that there is no connected port, and parameter indicates connected port.

The above content is how to apply the switch port isolation technology. Have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.