CRS1xx DHCP port isolation
Posted: Sun May 17, 2020 10:39 am
Having typed a small novel - I'll condense to what I think my actual question is:
The example page for the CRS1xx shows how to limit DHCP. So given:
Is it as simple as:
Additionally, I don't want any DHCP requests from the LAN to reach the VoIP server. Are the previous filters sufficient for that or do I need more?
The example page for the CRS1xx shows how to limit DHCP. So given:
- ether1: VoIP server
- ether2-ether6: VoIP phones
- ether7-ether8: unused/spare/future
- sfp10: next switch/router/gateway
- Configure a single bridge with all physical ports included. I understood that much.
- Place selected ports into a "community" - and I'm inferring the "preferred" first profile would be "2".
(and repeat for ether2-ether6)Code: Select all
/interface ethernet switch port set ether1 isolation-leakage-profile-override=2
- Define the isolation.
Code: Select all
/interface ethernet switch port-isolation add port-profile=2 protocol-type=dhcpv4 type=dst forwarding-type=bridged ports=ether1 registration-status="" traffic-type=""
Is it as simple as:
Code: Select all
/interface ethernet switch port-isolation add port-profile=2 protocol-type=dhcpv4 type=src forwarding-type=bridged ports=ether1 registration-status="" traffic-type=""
Additionally, I don't want any DHCP requests from the LAN to reach the VoIP server. Are the previous filters sufficient for that or do I need more?