Ingress filter like on EOS also on EXOS?

  • 1
  • 1
  • Question
  • Updated 2 years ago
  • Answered
Hi all,

Can an ingress filter be implemented on EXOS? In fact it is a basic security feature IMHO because creating tagged packets to trash a VLAN you usually don't have access to is not that hard...

To remind everyone: ingress filter on EOS = a packet ingressing the port with a certain tag will only be accepted if the VLAN from the tag is present in the port's egress VLAN list.

Thanks,
Marki
Photo of jeronimo

jeronimo

  • 1,198 Points 1k badge 2x thumb

Posted 2 years ago

  • 1
  • 1
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 12,960 Points 10k badge 2x thumb
EXOS by default works as EOS does with activated ingress-filter.
Photo of Brandon Clay

Brandon Clay, Escalation Support Engineer

  • 13,254 Points 10k badge 2x thumb
Hi Jeronimo,

EXOS already does this by default.

Have you seen an issue where an EXOS switch is passing traffic that it should not based on the VLAN config on a port? If so, please open a case with GTAC.

-Brandon
Photo of jeronimo

jeronimo

  • 1,198 Points 1k badge 2x thumb
Thanks, no I haven't seen anything. It's a pre-sales thing ;-)