At times in a switching environment, unknown unicast or multicast traffic on LAN is flooded to switch ports because of one of 2 common conditions (1) a MAC address has timed out or (2) has not been learned by the switch. This condition of flooding packets with unknown destination MAC address to all the switch ports can have some security issues or even undesirable when we have isolated port (under Private VLAN). Another scenario where only multicast traffic is desired on the port while unicast traffic is not required – Let’s say there are telepresence devices connected on the port which require multicast traffic only and no laptop may be connected to use this as data port.
Considering above requirements, “Unicast” and “Multicast” traffic flooding can be stopped from some designated ports.
The syntax the configuration is given below –
Switch(config-if)# switchport block unicast
Switch(config-if)# switchport block multicast
The above configuration may be verified with below configuration syntax –
Switch# show interface <interface-id> switchport
Note – The flood blocking feature is supported on all switched ports (including PVLAN ports) and is applied
to all VLANs on which the port is forwarding.
Please follow and like us: