华为交换机端口隔离,实现的是交换机端口之间的不能互通,直接在每个接口下面配置port—isolate enable命令。但是上联口不能配置port-isolate命令,下联口可以配置port-isolate命令。该命令是在同一vlan下的端口实现不能互通。
sysname # vlan batch 1 888 964 # bpdu enable # cluster enable ntdp enable ntdp hop 16 ndp enable # interface Ethernet0/0/1 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/2 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/3 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/4 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/5 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/6 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/7 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/8 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/9 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/10 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/11 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/12 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/13 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/14 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/15 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/16 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/17 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/18 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/19 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/20 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/21 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/22 port default vlan 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/23 port default vlan 1 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface Ethernet0/0/24 port default vlan 1 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable #
//上联端口G0/0/1 interface GigabitEthernet0/0/1 port default vlan 1 port trunk allow-pass vlan 888 964 negotiation auto loopback-detect enable loopback-detect action block ntdp enable ndp enable #
//下联端口G0/0/2(下面还有一台交换机) interface GigabitEthernet0/0/2 port default vlan 1 port trunk allow-pass vlan 888 964 loopback-detect enable loopback-detect action block port-isolate enable ntdp enable ndp enable # interface NULL0 # aaa authentication-scheme default # authorization-scheme default # accounting-scheme default # domain default #
