Are there switches with the ability to isolate individual ports from each other?

K

Konstantin2021-10-15 22:59:28

network hardware

Konstantin, 2021-10-15 22:59:28

Hello.
It is required to connect 9 clients to the switch, but 7 of them must not connect to each other. The other two have the ability to connect to anyone.
Because switches work at the channel (2) level, then nothing is known about ip addresses. Therefore, isolation must be at the port level. Like this:
Port 1, 2, 3, 4, 5, 6, 7 has access to ports 8 and 9.
Port 1, 2, 3, 4, 5, 6, 7 do not have access to each other.
Port 8 and 9 are unlimited and can connect anywhere.

In fact, this is the functionality of the firewall in the router, but I decided to ask if there is such a thing in the switches.
Or is it still easier to take a router?

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

V

Vasily Bannikov, 2021-10-15
@vabka

Yes. This feature is called vlan.
Must be present on all managed switches.
But how exactly to implement it - I will not prompt.

A

Armenian Radio, 2021-10-15
@gbg

Put ports 1-7 each in their own separate VLAN and make these ports untagged (access).
Make ports 8-9 tagged (trunk).
Then traffic from 1-7 will come separately to 8-9, but they will not be able to communicate with each other. Again, provided that on devices plugged into 8-9 there will be no routing between VLANs (of which at least 7 pieces will come to these devices)

S

Strabbo, 2021-10-16
@Strabbo

Cisco switches have such functionality called Private Vlan.

A

Alexander Karabanov, 2021-10-16
@karabanov

And D-Link has it. It's called traffic segmentation .

D

Drno, 2021-10-15
@Drno

it's easier to take Mikrotik ... and get cheaper and full functionality.
but in fact, a VLAN or a managed switch is enough, but I don’t think it will come out cheaper