Cisco ASR 9000 Series Aggregation Services Router System Security Configuration Guide - Layer 2 Security Features on Cisco ASR 9000 Series Routers [Cisco IOS XR Software (End-of-Sale)]

Table Of Contents

Layer 2 Security Features on Cisco ASR 9000 Series Routers

Security Features for Layer 2 VPLS Bridge Domains

Layer 2 Security Features on Cisco ASR 9000 Series Routers

This module provides an overview of security features for Layer 2 services on Cisco ASR 9000 Series Aggregation Services Routers. All Layer 2 security features must be configured at the VPLS bridge domain level.

Security Features for Layer 2 VPLS Bridge Domains

Table 1 lists security features for Layer 2 VPLS bridge domains and points you to the detailed configuration documentation for each feature.

Table 1 Security Features for Layer 2 VPNs

Feature

Where Documented

MAC address-based traffic blocking, filtering, and limiting on VPLS bridge domains

In the Cisco ASR 9000 Series Aggregation Services Router MPLS Configuration Guide, in the module "Implementing Virtual Private LAN Services on Cisco ASR 9000 Series Routers," see the "Configuring the MAC Address-related Parameters" section.

Traffic storm control on VPLS bridge domains

In the Cisco ASR 9000 Series Aggregation Services Router System Security Configuration Guide (this publication), see the module "Implementing Traffic Storm Control under a VPLS Bridge on Cisco ASR 9000 Series Aggregation Services Routers."

DHCP snooping on VPLS bridge domains

In the Cisco ASR 9000 Series Aggregation Services Router IP Services Configuration Guide, see the module "Implementing DHCP on Cisco ASR 9000 Series Routers." That module describes both DHCP relay services and DHCP snooping at Layer 2.

IGMP snooping on VPLS bridge domains

In the Cisco ASR 9000 Series Aggregation Services Router Multicast Configuration Guide, see the module "Implementing Layer 2 Multicast with IGMP Snooping on Cisco ASR 9000 Series Aggregation Services Routers."