Manualshelf

Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N3000 Series
31323334353637383940
38 Dell Campus Networking Interoperability with Cisco Catalyst 1.1 | version 1.1
2.10 Filtering Cisco Proprietary Protocols
Network Administrators often run into problems receiving multiple Cisco proprietary protocols on standards
based switches, which causes unexpected results on the network. Therefore, Dell Networking has developed
an easy way to block Cisco protocols when necessary. By applying built-in Access Control Lists (ACL) that
block individual Cisco protocols on each port, the user can filter out unwanted packets from their network.
As one example, a switch Administrator would enter the following commands to enable automatic filtering of
CDP packets on the interface:
N3024(config)#interface gigabitethernet 1/0/3
N3024(config-if)#service-acl input blockcdp
N3024(config-if)#exit
Note: The no service-acl input command removes this filtering for the interface.
In the same way, administrators can block the other proprietary protocol packets individually (cdp, vtp, dtp,
pagp, udld, sstp) as shown below.
N3024(config)#interface gigabitethernet 1/0/3
N3024(config-if)#service-acl input packet_type { packet_type packet_type… }
Where packet_type is one of the following:
blockcdp blocks all cdp packets on this interface
blockvtp blocks all vtp packets on this interface
blockdtp blocks all dtp packets on this interface
blockpagp blocks all pagp packets on this interface
blockudld blocks all udld packets on this interface
blocksstp blocks all sstp packets on this interface
blockall blocks all Cisco proprietary protocols on this interface
Use one or more of these filters on each port by including a single or multiple packet types on a single line or
use the blockall option to block all Cisco protocols on the port.
Note: These interface ACLs take precedence over any global configuration that may be active on the switch.
For example, if a form of CDP is globally running on the switch, the service-acl input blockcdp interface
option enforces the dropping of CDP packets for the ingress on this interface even if the global setting is
enabled.
For more information, see the Link Local Protocol Filtering section in the Dell Networking User Configuration
Guide for your switch.