I've set up private isolated vlan. It is being used for hosting servers for different companies. My problem is the following: because I do not have control over servers themselves, potentialy there is a possibility that somebody will change an ip address of the server to for example ip address being used by the different company's server. This will kill both servers. I am looking for a way to allow only one specific ip address on a port. Is there any way to do that?
Thanks for the reply. I've looked through that article before. I do not think it solves my problems. First of all VACL is applied to VLAN, not the specific port, so in isolated VLAN I have several ports and I want each one of them to work only with specific IP address, so I need some way to map ip to port.
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...