September 2017
Beginner to intermediate
436 pages
12h 33m
English
Content preview from Implementing Cisco Networking Solutions
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Controlling user to user traffic
The Ethernet protocol was designed to allow direct user-user layer 2 communication, when both users are situated on a common broadcast domain. There might be requirements where, in an untrusted domain, there is a need to prevent the users in the same broadcast domain from communicating with each other. This is achieved using a feature called private VLAN, or PVLAN, sometimes also referred to as protected port feature. This feature effectively disables direct layer 2 communication between protected ports and also VLANs within trunks if the feature is applied to a trunk interface. Only communication is allowed with the router port for the traffic from users to go out of the LAN. PVLAN prevents any sniffing of ...