Can client machine D communicate with client machine A or B?
My aim is for all client machines to communicate with the server on switch 1 - but for no clients on the VLAN to be able to talk between themselves (i.e. no peer-to-peer communication).
I understand the use of protected ports on a single switch, but I don't fully understand how they interact when on multiple switches linked via a trunk link and on the same VLAN.
If some clients will still be able to communicate with each other, what would be the best approach to preventing this?
Scenario:
Switch 1
Port 1: Unprotected Port. Connects to server. VLAN 2.
Port 2: Unprotected Port. Trunk link to switch 2.
Switch 2
Port 1: Unprotected Port. Trunk link to switch 1.
Port 2: Unprotected Port. Trunk link to switch 3.
Port 3: Protected Port. VLAN 2. Client machine A.
Port 4: Protected Port. VLAN 2. Client machine B.
Switch 3
Port 1: Unprotected Port. Trunk link to switch 2.
Port 2: Protected Port. VLAN 2. Client machine C.
Port 3: Protected Port. VLAN 2. Client machine D.
There are actually about 80 Cisco switches involved, and all switches host a variety of other VLANs which must remain unaffected by any changes.
Many Thanks,
Philip