port-isolate mode
Function
The port-isolate mode command sets the port isolation mode.
The undo port-isolate mode command restores the default port isolation mode.
By default, ports are isolated at Layer 2 but can communicate at Layer 3.
Parameters
Parameter |
Description |
Value |
|---|---|---|
l2 |
Indicates that ports are isolated at Layer 2 but can communicate at Layer 3. |
- |
all |
Indicates that ports are isolated at both Layer 2 and Layer 3. |
- |
Usage Guidelines
Usage Scenario
To implement Layer 2 isolation between interfaces, you can add different interfaces to different VLANs. This wastes VLAN resources. Port isolation can isolate interfaces in the same VLAN. That is, you only need to add interfaces to a port isolation group to implement Layer 2 isolation between these interfaces. Port isolation provides secure and flexible networking schemes.
You can configure the interface isolation mode to all to implement Layer 2 and Layer 3 isolation between interfaces in a port isolation group.
The S2720-EI, S5720-LI, S5735-L, S5735S-L, S5735S-L-M, S5720S-LI, S6720-LI and S6720S-LI support isolation at Layer 2 and interworking at Layer 3, and do not support this command.
Interfaces on subcards of the S5730-68C-SI-AC, S5730-68C-PWR-SI-AC, S5730-68C-PWR-SI, S5730S-68C-EI-AC, and S5730S-68C-PWR-EI do not support port isolation.