...
| Note |
|---|
For VLAN related matchers or VLAN related action parameters to work, you need to enable vlan-filtering on the bridge interface and make sure that hardware offloading is enabled on those ports, otherwise these parameters will not have any effect. |
| Warning |
|---|
When bridge interface vlanether-protocoltype is set to 802.1Q 0x8100, then VLAN related ACL rules are relevant to 0x8100 (CVID) packets, this includes vlan-id and new-vlan-id. When vlan-protocolbridge interface ether-type is set to 802.1ad 0x88a8, then ACL rules are relevant to 0x88A8 (SVID) packets. For example, with 802.1Q the vlan-id matcher will match CVID packets, but with 802.1ad the vlan-id matcher will match SVID packets. |
Port Security
...
It is possible to limit allowed MAC addresses on a single switch port on CRS3xx series switches. For example, to allow 64:D1:54:81:EF:8E MAC address on a switch port, start by switching multiple ports together, in this example 64:D1:54:81:EF:8E is going to be located behind ether1.
...