504
Basic concepts
An MFF-enabled device has two types of ports: user port and network port.
User port
An MFF user port is directly connected to a host and processes the following packets differently:
•
Allows DHCP packets and multicast packets to pass.
•
Delivers ARP packets to the CPU.
•
After learning gateways' MAC addresses, a user port allows only the unicast packets with the
gateways' MAC addresses as the destination MAC addresses to pass. If no gateways' MAC
addresses are learned, a user port discards all received unicast packets.
Network port
An MFF network port is connected to any of the following networking devices:
•
An access switch.
•
A distribution switch.
•
A gateway.
•
A server.
A network port processes the following packets differently:
•
Allows multicast packets and DHCP packets to pass.
•
Delivers ARP packets to the CPU.
•
Denies broadcast packets other than DHCP and ARP packets.
You need to configure the following ports as network ports:
•
Upstream ports connected to a gateway.
•
Ports connected to the MFF devices in a cascaded network (a network with multiple MFF
devices connected to one another).
•
Ports between devices in a ring network.
Link aggregation is supported by network ports in an MFF-enabled VLAN, but it is not supported by
user ports in the VLAN. You can add the network ports to link aggregation groups, but cannot add the
user ports to link aggregation groups. For more information about link aggregation, see
Layer
2—LAN Switching Configuration Guide
.
NOTE:
•
A network port is not always an upstream port.
•
If you enable MFF for a VLAN, each port in the VLAN must be a network or user port.
MFF operation modes
Manual mode
The manual mode applies to networks where the hosts' IP addresses are manually configured. The
hosts cannot obtain the gateway information through DHCP. VLAN maintains only the MAC address
of the default gateway.
After receiving an ARP request for a host's MAC address from the gateway, the MFF device directly
replies the host's MAC address to the gateway according to the ARP snooping entries. After learning
the gateway's MAC address, the MFF device updates the MAC address upon receiving an ARP
packet with a different sender MAC address from the default gateway.
Summary of Contents for 10500 series
Page 326: ...312 No duration limit for this SA ...