Port Isolation Configuration

\<font color="#1d50a2">introduction\</font> port isolation allows the isolation of ports within the same vlan by adding ports to an isolation group, isolation between layer 2 data packets and multicast packets can be achieved for the ports within the isolation group traffic between ports within the isolation group and ports not added to the isolation group is not affected by the isolation group and can flow bidirectionally \<font color="#1d50a2">configuring port isolation groups\</font> operation command description enter the system configuration view configure create and enter isolation group view port isolate group id enter interface view interface ethernet id add interface to isolation group port isolate id \<font color="#1d50a2">configuration example\</font> \<font color="#1d50a2">network requirements\</font> a cell has multiple users, and now requires that the users cannot interoperate with each other's layer 2 messages, but all can access the external network \<font color="#1d50a2">procedure\</font> create a vlan and add the interface to the vlan sonic(config)# vlan 100 sonic(config)# port group ethernet 1 4 sonic(config port group 1 4)# switchport access vlan 100 create port isolation group sonic(config)# port isolate group 1 sonic(config port isolate group 1)# interface 1,2,3 \<font color="#1d50a2">verify configuration\</font> view the port ioslation group configuration sonic# show port isolate group + + + + \| group id | interface | mode | +============+=============+========+ \| 1 | ethernet1 | l2 | \| | ethernet2 | | \| | ethernet3 | | + + + + no interoperability between pcs, all pcs can access the external network