I'm building a lab where I have a Cisco 2691 acting as a transparent (bridged) FW between two Cisco 6500 switches. I was successful in bridging VLANs across these two switches and I have successfully built layer 3 access control lists to control traffic that needs to be addressed.
However, darn multicast layer two traffic such as HSRP. I don't want HSRP to be shared between these two switches. I can't create a separate standby group because each switch needs to use the same standby IP.
I'm seeking out ideas as to how I can stop the passage of HSRP. There are likely too many MAC addresses associated with HSRP updates, so the method of using a layer 2 ACL might come back and bite me down the road.
Thoughts? Maybe I can block this at the switch port level keeping this traffic from ever hitting the router???