I am not able to think of a situation where a mac address will be a learned on 3 outgoing ports unless and untill it is a loop because if that happens if it a loop like a hub connected to switch with 2 ports and pc connected to hub and pc mac address will be learned on 2 ports of switches now which can create a loop in network.
Coming to your second question switches will normally work at layer 2 only.
If you apply extended ACL to any interface any traffic hitting that interface will be checked to that ACL depening on the direction of traffic and direction of your ACL configured and as per the ACL switch will take decision to drop the traffic or formard the traffic.
- I have two firewall load-sharing that use virtual mac-address and i have two switch that connect with them with trunk then when i show mac-address table on switch the mac-address of firewall will outgoing two interface (via directly to firewall and trunk port of switch) when we have traffic would like to go through firewall, switch will forward traffic out two interface ?
- Switch layer2 can filter tcp segment ? or ip packet ? it only work on layer2 right.. why extended acl can apply ?
- Does your firewall are working in active-standby mode or active-active mode?
- AFAIK All Cisco switches are store and forward, meaning they receive a full frame before making a forwarding decision. This allows the switch to throw away errored frames, and to look at any field to perform filtering, QOS or whatever is needed.
So the answer is that the current generation layer 2 switch with enhance image does understand layers 1-4, but forwarding decisions are based on layer 2.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...