27.8.2 Configuring the Inter-Port Relay Blocking Function

The following describes how to set the inter-port relay blocking functionality. The example settings correspond to the configuration in the figure.

In the example configuration communication from port 1/0/1 to port 1/0/4 is blocked. Communication is also blocked between ports 1/0/1 and 1/0/2. Port 1/0/3 can communicate with any port.

Figure 27-6: Example of setting the inter-port forwarding blocking facility

Points to note

The inter-port relay blocking functionality is set using the Ethernet interface configuration mode by specifying a port to which communication from other ports is not allowed. For each port to be blocked, communication needs to be blocked in both directions.

Command examples

1. (config)# interface gigabitethernet 1/0/1

   Switches to the Ethernet interface configuration mode for port 1/0/1.

2. (config-if)# switchport isolation interface gigabitethernet 1/0/2, gigabitethernet 1/0/4

   (config-if)# exit

   Blocks forwarding from ports 1/0/2 and 1/0/4 on port 1/0/1.

3. (config)# interface gigabitethernet 1/0/2

   (config-if)# switchport isolation interface gigabitethernet 1/0/1

   (config-if)# exit

   Switches to the Ethernet interface configuration mode for ports 1, 0, and 2, and blocks forwarding from ports 1, 0, and 1 on ports 1, 0, and 2. With this setting, communication between ports 1/0/1 and 1/0/2 is blocked in both directions.

4. (config)# interface gigabitethernet 1/0/4

   (config-if)# switchport isolation interface gigabitethernet 1/0/1

   Switches to the Ethernet interface configuration mode for port 1/0/4, and blocks forwarding from port 1/0/1 on port 1/0/4. With this setting, communication is blocked both ways between ports 1/0/1 and 1/0/4.