Understanding Port Profiles

Interface Settings Configured in the Port Profile

You can configure the following interfaces settings in a Port profile:

• Interface protocol family—You can configure an interface to be either an Ethernet switching interface, an IPv4 routing interface, or an IPv6 routing interface.

• Port mode—You can configure a switching interface port mode to be an access, trunk, or tagged-access interface for EX Series switches. Campus Switching ELS supports access mode and trunk mode. For more information about port modes, see Ethernet Switching.

• PoE settings—The factory-default configuration of switches enables PoE on all interfaces that support PoE. For many implementations, no further configuration is necessary. You can, however, override the default settings for PoE interfaces in the Port profile. Most switch models have interfaces that support Power over Ethernet (PoE), but the EX9200 does not support PoE. For more information about PoE, see Power over Ethernet (PoE).

  If you do not explicitly configure PoE in the Port profile, the existing PoE interface settings on the switch remain in effect. Device-wide PoE settings are configured in the Device Common Settings profile.

• Physical link settings—On switches, the autonegotiation of port speed and duplex mode is enabled by default. You can disable autonegotiation and set port speed and duplex mode in the Port profile. Other link settings you can configure include flow control, which is disabled by default, and maximum transmission unit (MTU).

• Storm control settings—You can optionally enable storm control settings on switches. Storm control monitors traffic levels drops broadcast, multicast, and unknown unicast packets when a specified traffic level—called the storm control level.

• RSTP settings—You can optionally enable RSTP settings on switches. RSTP this feature enables you to fine-tune STP by setting interfaces into edge, disable, or no-root-port states.

• Port security settings—You can optionally enable port security on switched access ports. Port security features help protect the access ports on your switch against address spoofing (forging) and Layer 2 denial-of-service (DoS) attacks. For more information about port security on switches, see Port Security.

  Note:

  For campus switching ELS devices, disabling port security settings option is not available.

Interface Settings Configured by Referencing Other Profiles

You can optionally configure other interface-related settings in the Port profile by referencing other profiles. These profiles are:

• CoS profile—Configures class-of-service settings on the interface. You can either select or create an in-line CoS profile while creating a port profile.

• Filter profile—Configures firewall filters (often called ACLs) on the interface.

• Authentication profile—(Switching interfaces only) Configures 802.1X authentication on an interface and configures related settings, such as captive portal authentication. You can either select or create an in-line authentication profile while creating a port profile.

• Access profile—Configures the access server settings used by all 802.1X authenticator interfaces on a switch. This profile is not included in the Port profile. Instead, you assign it to a device as part of the process of assigning a Port profile to the interfaces on the device.

• VLAN profile for Campus Switching ELS is mandatory. You can either select or create an in-line VLAN profile while creating a port profile.

If you want to use one or more of these profiles with the Port profile, be sure to create them before you create and assign the Port profile.

Default Port Profiles

To help with the rapid provisioning of interfaces on switches, Network Director provides default Port profiles that contain settings for common uses of switch interfaces. You can modify or assign these default profiles to interfaces using the same method used for user-created profiles. Table 1 describes the default Port profiles.