Protected Ports

Also known as Private VLAN Edge, protected ports allow you to block traffic between two ports on the same switch. Ports that are configured as protected are blocked from unicast, multicast and broadcast communication. However routing protocol updates and other control traffic still continue to flow.

Important Points
1. It only works on a single switch. This means protected ports on two different switches can still communicate with each other.
2. To route traffic between protected ports, a Layer 3 device would be required.
3. By default, all ports are non-protected.
4. A protected port and non-protected port continue to communicate as usual.

Protected Ports

Configuration

Switch(config)# interface fa0/0
Switch(config-if)# switchport mode access
Switch(config-if)# switchport protected

Verification

Switch# show interface fa0/0 switchport | in Protected
Protected: true

Add a Comment

Your email address will not be published. Required fields are marked *