The ports used to connect the MS and MX are both properly configured to allow traffic from VLANs 1 and 2 and are using the same native VLAN.Client devices have a default gateway of the MX.Client VLANs are only defined on the MX.If the traffic does not match another block rule configure on the MX, the traffic will be NATed and sent to the Internet. layer 3 firewall rules, layer 7 firewall rules, content filtering policies, etc.). The MX will then compare the traffic against any other filtering rules (e.g. This traffic passes the anti-IP spoofing validation checks. In this case, the source IP (192.168.22.3) is contained within a static route configured on the MX (192.168.22.0/24) and was received on the expected VLAN (50), based on the next hop IP of the static route for 192.168.22.0/24. The MX compares the source VLAN (50) and the source IP (192.168.22.3) against the anti-IP spoofing validation checks. This traffic is received by the MX on VLAN 50. If traffic is destined to 216.58.194.206 The traffic is received by the layer 3 switch and routed to the MX via the transit VLAN. If traffic is destined to 192.168.32.14 The traffic is received by the layer 3 switch and routed directly to 192.168.32.14. This traffic is not processed by the layer 3 switch, or by the MX. If traffic is destined to 192.168.22.22 The traffic is forwarded at layer 2 by the downstream switching infrastructure. In each scenario below, traffic is always sent from the downstream client - 192.168.22.3. How is traffic routed given the above configuration? The ports used to connect the MS and MX are both properly defined as being on VLAN 50, the transit VLAN.The layer 3 switch is configured with a default route with a next hop IP address of the MX's IP on the transit VLAN.The next hop IP address is that of the layer 3 switch's IP on the transit VLAN. For downstream infrastructure and client subnets, static routes are configured on the MX. A single transit VLAN is used to allow for communications between the MX and downstream subnets.Client devices have a default gateway of the layer 3 device the VLAN has been defined on.Client VLANs are only defined on a single layer 3 device.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |