Enterasys 2200 Operating Instructions

3.2.1 Solving the Problem
To prevent the RIP broadcasts from flooding the user workstations connected to S1 and S2, a new VLAN will be added to each switch but not assigned to any ports (making it a Null VLAN). Then each switch will be configured with a Layer 4 classification rule that classifies each RIP broadcast frame received on Port 25 of that switch to the Null VLAN. Since the Null VLAN is not associated with any ports, the frame will be dropped and not transmitted out any port.
In this example, the switches have already been configured and are operating. The following covers only those steps needed to configure each switch to eliminate the problem.
Switches 1 and 2
Each switch is set as follows:
1. A VLAN is added to the list of VLANs in the Device/VLAN Configuration screen and assigned to a FID. In this example, the switch is set as follows:
   VLAN ID 99, FID 99, with a VLAN Name of Null VLAN
2. The VLAN Classification Configuration screen is used to configure the switch to detect and classify the incoming RIP broadcast frames on Port 25 to the Null VLAN. Since the Null VLAN is not assigned to any port, the frame is dropped (not transmitted out any port). The VLAN Classification Configuration screen is set as follows:
   VID: 99
   Classification: Dest UDP Port
   IP UDP Port: 520
   Port 520 is a well-known port number used by RIP.
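The effect of the two steps above can be checked with a simplified model of the classification and egress decision. This is an added example, not Enterasys code or switch output; the default VLAN 1, its member ports 1-3, and the sample frames are constructed assumptions.

```python
import struct

NULL_VID = 99  # VLAN ID of the Null VLAN from step 1
# Assumed egress lists: default VLAN 1 on ports 1-3 and 25; VLAN 99 on no port.
VLAN_EGRESS = {1: {1, 2, 3, 25}, NULL_VID: set()}
# Step 2 rule: frames arriving on Port 25 with Dest UDP Port 520 go to VID 99.
RULES = [{"ingress": 25, "dst_udp_port": 520, "vid": NULL_VID}]

def udp_dst_port(frame):
    """Destination UDP port of an untagged Ethernet II / IPv4 frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None                       # too short or not IPv4
    ihl = (frame[14] & 0x0F) * 4          # IP header length, options included
    if frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 17:
        return None                       # malformed header or not UDP
    if struct.unpack("!H", frame[20:22])[0] & 0x1FFF:
        return None                       # later fragment: no UDP header present
    off = 14 + ihl
    if len(frame) < off + 4:
        return None
    return struct.unpack("!H", frame[off + 2:off + 4])[0]

def classify(frame, ingress, pvid=1):
    """Return the VID a frame is classified to; falls back to the port VLAN."""
    dport = udp_dst_port(frame)
    for rule in RULES:
        if rule["ingress"] == ingress and rule["dst_udp_port"] == dport:
            return rule["vid"]
    return pvid

def egress_ports(frame, ingress, pvid=1):
    """Ports a broadcast frame is flooded to: VLAN members minus the ingress port."""
    return sorted(VLAN_EGRESS.get(classify(frame, ingress, pvid), set()) - {ingress})

def make_udp_broadcast(dport, sport=520):
    """Build a constructed broadcast frame (documentation addresses, checksums 0)."""
    eth = b"\xff" * 6 + bytes.fromhex("00005e005301") + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 32, 0, 0, 1, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 255]))
    return eth + ip + struct.pack("!HHHH", sport, dport, 12, 0) + b"\x00" * 4

if __name__ == "__main__":
    for port, dport in [(25, 520), (25, 67), (1, 520)]:
        print(port, dport, egress_ports(make_udp_broadcast(dport), port))
```

In this model the rule keys on the destination UDP port alone, so every UDP datagram to port 520 that arrives on Port 25 is dropped, while the same frame arriving on any other port is still flooded.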
3.3 EXAMPLE 6, SECURING SENSITIVE INFORMATION ACCORDING TO SUBNET
The ABC Company wants to confine the sensitive information being transmitted by their Finance Department to its users only.
In this example, illustrated in , the users in the Finance Department are members of the Finance VLAN and are also on Subnet 28 as shown in bold type.