Table of Contents
Configuring Protocol Filtering
This chapter describes how to configure protocol filtering on Ethernet, Fast Ethernet, and Gigabit
Ethernet ports on the Catalyst enterprise LAN switches. The configuration procedures in this chapter
apply to Ethernet, Fast Ethernet, and Gigabit Ethernet switch ports on switching modules and
fixed-configuration switches, in addition to supervisor engine Fast and Gigabit Ethernet uplink ports.
Note
For complete syntax and usage information for the commands that are used in this chapter, refer to the
Catalyst 4500 Series, Catalyst 2948G, Catalyst 2948G-GE-TX, and Catalyst 2980G Switches Command
Reference.
This chapter consists of these sections:
•
•
•
Understanding How Protocol Filtering Works
Protocol filtering prevents certain protocol traffic from being forwarded out switch ports. Broadcast and
unicast flood traffic is filtered based on the membership of ports in different protocol groups. This
filtering is in addition to the filtering that is provided by port-VLAN membership.
Protocol filtering identifies ports on a protocol basis. A port can be a member of one or more of the
protocol groups. Flood traffic for each protocol group is forwarded out a port only if that port belongs
to the appropriate protocol group.
Layer 2 protocols, such as Spanning Tree Protocol (STP) and Cisco Discovery Protocol (CDP), are not
affected by protocol filtering. Dynamic VLAN ports and ports that have port security enabled are
members of all protocol groups.
You can configure a port with any one of these modes for each protocol group: on, off, or auto. If the
configuration is set to on, the port receives all the flood traffic for that protocol. If the configuration is
set to off, the port does not receive any flood traffic for that protocol. If the configuration is set to auto,
a port becomes a member of the protocol group only after the device that is connected to the port
transmits packets of the specific protocol group. The switch detects the traffic, adds the port to the
protocol group, and begins forwarding flood traffic for that protocol group to that port. Autoconfigured
ports are removed from the protocol group if the attached device does not transmit packets for that
protocol within 60 minutes. Ports are also removed from the protocol group when the supervisor engine
detects that the link is down on the port.
Catalyst 4500 Series, Catalyst 2948G, Catalyst 2948G-GE-TX, and Catalyst 2980G Switches Software Configuration Guide—Release 8.2GLX
78-15908-01
Understanding How Protocol Filtering Works, page 19-1
Default Protocol Filtering Configuration, page 19-2
Configuring Protocol Filtering on the Switch, page 19-2
C H A P T E R
19
19-1
Hide quick links:
Table of Contents
Troubleshooting
