port isolate

Function

The port isolate command configures interface isolation for a VLAN.

The undo port isolate command cancels interface isolation of a VLAN.

By default, isolation is not configured on interfaces.

Format

port isolate { { interface-name | interface-type interface-number } &<1-10> | all }

undo port isolate { { interface-name | interface-type interface-number } &<1-10> | all }

Parameters

Parameter Description Value
interface-name

Specifies the name of an interface in a VLAN.

-
interface-type interface-number

Specifies the type and number of an interface in a VLAN.

-
all

Indicates all interfaces in a VLAN.

-

Views

VLAN view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
forwarding write

Usage Guidelines

Usage Scenario

To configure interface isolation for a VLAN, run the port isolate command. Then, the interfaces in this VLAN cannot communicate with each other.

To enable isolated interfaces to communicate, configure intra-VLAN proxy ARP.

If a VLANIF interface is bound to a VSI, interface isolation does not take effect for the VLAN.

Example

# Configure interface isolation on GE 0/1/0 and GE 0/1/8 in VLAN 3.
<HUAWEI> system-view
[~HUAWEI] interface GigabitEthernet 0/1/0
[~HUAWEI-GigabitEthernet0/1/0] portswitch
[*HUAWEI-GigabitEthernet0/1/0] quit
[*HUAWEI] interface GigabitEthernet 0/1/8
[*HUAWEI-GigabitEthernet0/1/8] portswitch
[*HUAWEI-GigabitEthernet0/1/8] quit
[*HUAWEI] vlan 3
[*HUAWEI-vlan3] quit
[*HUAWEI] interface GigabitEthernet 0/1/0
[*HUAWEI-GigabitEthernet0/1/0] port default vlan 3
[*HUAWEI-GigabitEthernet0/1/0] quit
[*HUAWEI] interface GigabitEthernet 0/1/8
[*HUAWEI-GigabitEthernet0/1/8] port default vlan 3
[*HUAWEI-GigabitEthernet0/1/8] quit
[*HUAWEI] vlan 3
[*HUAWEI-vlan3] port isolate GigabitEthernet 0/1/0 GigabitEthernet 0/1/8
Parent Topic: VLAN Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >