Routing the ELAN

 

Guidelines for configuring a routable ELAN subnet

When configuring a routable ELAN subnet on the enterprise IP network,
use the following guidelines:

  1. External multicasts must not be transmitted on the ELAN subnet.
    Generally, multicast forwarding is disabled by default on a gateway
    router. Ensure that no multicast routing protocols are enabled on the
    ELAN subnets gateway router. Do not configure or allow the ELAN or
    TLAN subnet’s gateway router (that is, the Layer 3 switch) to forward
    multicast traffic to the ELAN subnet.
  2. External broadcasts must not be forwarded to the ELAN subnet. Ensure
    that the Layer 3 switch is configured so that it does not forward broadcast
    traffic from elsewhere on the network to the ELAN subnet. This includes
    disabling any features on the Layer 3 switch which forward broadcast
    packets to a subnet when the received packets destination IP address is
    the subnet’s broadcast IP address. This can also include disabling other
    broadcast-forwarding mechanisms, such as UDP broadcast forwarding,
    DHCP forwarding, or NetBIOS forwarding.
  3.  An ELAN subnet’s gateway router must be capable of Packet Filtering
    in order to prevent unauthorized traffic from entering the ELAN subnet.
    Management traffic is sent from management systems to the CS 1000
    system. Management traffic includes FTP, Telnet, http, SNMP, DBA, and
    rlogin servers. Refer to Appendix D for the control and management
    TCP and UDP port numbers for each component connected to the
    ELAN subnet. Configure the packet filter to forward any traffic with the
    source IP address equal to management system’s IP address and a
    management service destination TCP or UDP port. The packet filter
    should then drop all other traffic.

Converging the Data Network with VoIP Fundamentals
NN43001-260 01.01 Standard
Pages 153-154