How does an S series switch process UDP packets when it functions as a Layer 2 switch

15

If an S series switch (except the S1700) functions as a Layer 2 switch, it does not identify UDP or TCP packets by default. The switch only forwards packets based on its original MAC address table.

Other related questions:
How does an S series switch process packets when Layer 2 multicast references an ACL
In Layer 2 multicast, three functions need to reference the ACL. After an ACL is referenced, packets are processed based on ACL rules. If no rule is configured, packets are processed as follows: - IGMP snooping group policy: In V200R001 and earlier versions, the default rule is permit. In V200R002 and later versions, if default-permit is not configured, the default rule is deny; if default-permit is configured, the default rule is permit. - IGMP snooping prompt leave: In V200R001 and earlier versions, the default rule is permit. In V200R002 and later versions, if default-permit is not configured, the default rule is deny; if default-permit is configured, the default rule is permit. - IGMP snooping SSM policy: The default rule is deny.

Configure Layer 2 ACLs on S series switches
A Layer 2 ACL with the number ranging from 4000 to 4999 can be configured on an S series switch (except the S1700 switch). A Layer 2 ACL defines rules based on information in Ethernet frame headers of packets, such as source MAC addresses, destination MAC addresses, and Layer 2 protocol types. For example, create a rule in ACL 4001 to allow the ARP packets with the destination MAC address 0000-0000-0001, source MAC address 0000-0000-0002, and Layer 2 protocol type 0x0806 to pass. [HUAWEI] acl 4001 [HUAWEI-acl-L2-4001] rule permit destination-mac 0000-0000-0001 source-mac 0000-0000-0002 l2-protocol 0x0806 Create a rule in the Layer 2 ACL deny-vlan10-mac to reject the packets from the MAC addresses ranging from 00e0-fc01-0000 to 00e0-fc01-ffff in VLAN 10. [HUAWEI] acl name deny-vlan10-mac link [HUAWEI-acl-L2-deny-vlan10-mac] rule deny vlan-id 10 source-mac 00e0-fc01-0000 ffff-ffff-0000

How to determine whether an S series switch is a Layer 2 or Layer 3 switch
All models of the S600, S1720, and S2700 are Layer 2 switches. All models of the S3700 and S6700 are Layer 3 switches. The S5700-LI, S5700S-LI, S5710-LI, S5720-LI, and S5720S-LI series are Layer 2 switches. The S5700-EI, S5700-SI, and S5700-HI series are Layer 3 switches. All models of the S9300, S7700, S9700, and S12700 are Layer 3 switches.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top