|
MikroTik CRS系列交换机做端口隔离
CRS系列交换机做端口隔离很方便,我们举例要求,1口为上联,2口-24口做隔离,只能通1口,2口到24口到交换机本身也隔离,拓扑图好下:
1.首先,我们把2口到24口通过交换芯片绑定到1口,见图:
2.设置上行端口(我们在此举例上行端口是ether1),并隔离其它端口
/interface ethernet switch port
set ether1 isolation-leakage-profile-override=0
set ether2 isolation-leakage-profile-override=1
set ether3 isolation-leakage-profile-override=1
set ether4 isolation-leakage-profile-override=1
set ether5 isolation-leakage-profile-override=1
set ether6 isolation-leakage-profile-override=1
set ether7 isolation-leakage-profile-override=1
set ether8 isolation-leakage-profile-override=1
set ether9 isolation-leakage-profile-override=1
set ether10 isolation-leakage-profile-override=1
set ether11 isolation-leakage-profile-override=1
set ether12 isolation-leakage-profile-override=1
set ether13 isolation-leakage-profile-override=1
set ether14 isolation-leakage-profile-override=1
set ether15 isolation-leakage-profile-override=1
set ether16 isolation-leakage-profile-override=1
set ether17 isolation-leakage-profile-override=1
set ether18 isolation-leakage-profile-override=1
set ether19 isolation-leakage-profile-override=1
set ether20 isolation-leakage-profile-override=1
set ether21 isolation-leakage-profile-override=1
set ether22 isolation-leakage-profile-override=1
set ether23 isolation-leakage-profile-override=1
set ether24 isolation-leakage-profile-override=1
/interface ethernet switch port-isolation
add port-profile=1 ports=ether1 type=dst
到此也设置完成了,此模式,2口-24口也无法进交换机设备本身,也是无法管理交换机的,如果你要2口-24口能连接交换机本身,请改最后一步,把交换机本身也加上去:
/interface ethernet switch port-isolation
add port-profile=1 ports=ether1,switch1-cpu type=dst
| 
|小黑屋|手机版|Archiver|EDCwifi.BBS
( 粤ICP备17065502号-1 粤公网安备44030702001530号 )
发表于 2014-6-6 10:30:52
