3Com Switch 8800 Family Firewall Module Configuration and Command Reference Guide
122 CHAPTER 8: TRANSPARENT FIREWALL
Figure 23 Broadcast packets
Stations A, B, C and D belong to two LANs. Ethernet segment 1 is connected to
the interface 1 on the transparent firewall; Ethernet segment 2 is connected to the
interface 2 on the firewall. When station A sends an Ethernet frame to station B,
both the transparent firewall and station B can receive the frame.
Learning mapping between station A MAC address and the interface
After receiving the Ethernet frame, the transparent firewall knows station A is
connected to it through interface 1 (since it receives the frame from interface 1).
Therefore the transparent firewall add the mapping between station A MAC
address and interface 1. See
Figure 24.
Figure 24 Learn mapping between station A MAC address and the interface
Works tation A
00e0.fcaa.aaaa
Works tation B
00e0.fcbb.bbbb
Works tation C Workstation D
00e0.fcdd.dddd
00e0.fccc.cccc
Interface 1
Interface 2
Ethernet segment 1
Ethernet segment 2
Destination
00e0.fcbb.bbbb 00e0.fcaa.aaaa
Source
Switch 8800
Workstation A
00e0.fcaa.aaaa
Works tation B
00e0.fcbb.bbb
Workstation C
Works tation D
00e0.fcdd.dddd
00e0.fccc.cccc
Interface 1
Interface 2
Ethernet segment 1
Ethernet segment 2
Destination
00e0.fcbb.bbbb 00e0.fcaa.aaaa
Source
MAC address Port
00e0.fcaa.aaaa 1
Address table
Switch 8800