Access Security Guide K/KA/KB.15.15

NOTE: If multiple VLANs are configured, the source-port and the destination port(s)
must be in the same VLAN unless routing is enabled. Similarly, if a VLAN containing
both the source and destination is multinetted, the source and destination ports
and/or trunks must be in the same subnet unless routing is enabled.
Syntax
[drop] <destination-port-list> [forward <port-list>]
Configures the filter to drop traffic for the ports and/or trunks in the designated
<destination-port-list>. Can be followed by forward <destination-port-list>
if you have other destination ports set to drop that
you want to change to forward. If no drop or forward action is specified, the
switch automatically creates a filter with a forward action from the designated
source port (or trunk) to all destination ports (or trunks) on the switch.
Syntax
[forward] <port-list>
Configures the filter to forward traffic for the ports and/or trunks in the designated
<destination-port-list>. Because forward is the default state for
destinations in a filter, this command is useful when destinations in an existing filter
are configured for drop and you want to change them to forward. Can be
followed by drop <destination-port-list> if you have other destination
ports set to forward that you want to change to drop. If no drop or forward action
is specified, the switch automatically creates a filter with a forward action from the
designated source port (or trunk) to all destination ports (or trunks) on the switch.
Example 18
For example, assume that you want to create a source-port filter that drops all traffic received on
port 5 with a destination of port trunk 1 (Trk1) and any port in the range of port 10 to port 15. To
create this filter you would execute this command:
HP Switch(config)# filter source-port 5 drop trk1,10-15
Later, suppose you wanted to shift the destination port range for this filter up by two ports; that is,
to have the filter drop all traffic received on port 5 with a destination of any port in the range of
port 12 to port 17. (The Trk1 destination is already configured in the filter and can remain as-is.) With
one command you can restore forwarding to ports 10 and 11 while adding ports 16 and 17 to
the "drop" list:
HP Switch(config)# filter source-port 5 forward 10-11 drop 16-17
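The following Python sketch is an added example, not code from the guide or from the switch software. It replays filter source-port commands in the form shown above and reports the resulting drop list per source, which is useful when reviewing a configuration that has been adjusted incrementally. The function names are hypothetical, and only purely numeric port ranges are expanded.

```python
import re

# Command form taken from this page:
#   filter source-port <src> [drop <list>] [forward <list>]
CMD = re.compile(r"filter\s+source-port\s+(\S+)(.*)$", re.IGNORECASE)

def expand(port_list):
    """Expand 'trk1,10-15' to {'trk1','10',...,'15'}. Assumption: only
    purely numeric ranges are expanded; other names are kept as written."""
    ports = set()
    for item in filter(None, (p.strip() for p in port_list.lower().split(","))):
        m = re.fullmatch(r"(\d+)-(\d+)", item)
        if not m:
            ports.add(item)
            continue
        lo, hi = int(m.group(1)), int(m.group(2))
        if lo > hi:
            raise ValueError(f"descending range: {item}")
        ports.update(str(n) for n in range(lo, hi + 1))
    return ports

def apply_command(filters, line):
    """Update filters (source -> set of dropped destinations) with one command."""
    m = CMD.search(line)
    if not m:
        raise ValueError(f"not a source-port filter command: {line!r}")
    src, words = m.group(1).lower(), m.group(2).split()
    if len(words) % 2:
        raise ValueError(f"action without a port list: {line!r}")
    dropped = filters.setdefault(src, set())  # no action: forward to all
    for action, plist in zip(words[::2], words[1::2]):
        if action.lower() == "drop":
            dropped |= expand(plist)
        elif action.lower() == "forward":
            dropped -= expand(plist)
        else:
            raise ValueError(f"unknown action {action!r}")
    return filters

def effective_drops(lines):
    """Return {source: sorted dropped destinations} after all commands."""
    filters = {}
    for line in lines:
        apply_command(filters, line)
    order = lambda p: (not p.isdigit(), int(p) if p.isdigit() else 0, p)
    return {src: sorted(d, key=order) for src, d in filters.items()}

# Constructed input: the two commands from the example above.
SAMPLE = [
    "HP Switch(config)# filter source-port 5 drop trk1,10-15",
    "HP Switch(config)# filter source-port 5 forward 10-11 drop 16-17",
]
print(effective_drops(SAMPLE))
```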
Configuring a filter on a port trunk
This operation uses the same command as is used for configuring a filter on an individual port.
However, the configuration process requires two steps:
1. Configure the port trunk.
2. Configure a filter on the port trunk by using the trunk name (trk1, trk2, ...trk6) instead of a
port name.
For example, to create a filter on port trunk 1 to drop traffic received inbound for trunk 2 and ports
10-15:
HP Switch(config)# filter source-port trk1 drop trk2,10-15
Note that if you first configure a filter on a port and then later add the port to a trunk, the port
remains configured for filtering but the filtering action will be suspended while the port is a member
of the trunk. That is, the trunk does not adopt filtering from the port configuration. You must still
432 Traffic/Security Features and Monitors