Port protection is similar to private vlan, but much simpler. It is easier to configure “switchport protected” but it is only protected locally on the switch.
A protected port cannot communicate with any other protected port, but out all other ports on the switch. Therefore a protected port on SwA can communicate with a protected port on SwB, but neither can commnicate with any protected port on the same switch.
Simple as that. A private-vlan-light.
Just started labbing for the CCIE R&S, had to think a bit at the part with STP port-priority to influence STP path. So i wrote some study notes which i will store here.
This first post will be about STP port-priority…