The broadcast-suppression block outbound command blocks outgoing broadcast packets on an interface.
The undo broadcast-suppression block outbound command unblocks outgoing broadcast packets on an interface.
By default, an interface does not block outgoing broadcast packets.
Ethernet interface view, GE interface view, XGE interface view, 25GE interface view, MultiGE interface view, 40GE interface view, 100GE interface view, port group view
Usage Guidelines
After an interface receives a broadcast packet, it broadcasts the packet to all users in the same VLAN. This may cause information leak. For example, if an unauthorized user is connected to an interface in a VLAN, an unauthorized user obtains a host's address from broadcast packets and uses the address to attack the host. To prevent information leak, use the broadcast-suppression block outbound command to block outgoing broadcast packets on an interface if users connected to the interface do not need to receive broadcast packets. For example, if users on an interface seldom change and require high security, you can use this command on the interface.
Precautions
The broadcast-suppression block outbound command is applicable only to interfaces on which users do not need to receive broadcast packets. This command will affect network operations if it is used on an interface where users need to receive broadcast packets.
Traffic suppression can be configured for incoming and outgoing packets on an interface, and the configurations are independent of each other. On an interface, you can use the broadcast-suppression command to limit the rate of incoming broadcast packets and use the broadcast-suppression block outbound command to block outgoing broadcast packets.