For example, I will configure port isolation on the HPE A5800-24G-SFP switch.
To isolate traffic between ports, use the command:
port-isolate enable
It must be specified for each port individually, for example:
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 943
loopback-detection enable
port-isolate enable
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 943
loopback-detection enable
port-isolate enable
#
...
This command cannot be specified on the Uplink port:
interface Ten-GigabitEthernet1/0/25
port link-mode bridge
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 943
speed 10000
duplex full
Accordingly, the traffic of the port on which this command is not specified can go to any port, and all ports on which the “port-isolate enable” command is specified or not specified can also forward traffic to it. Traffic does not go between ports on which the “port-isolate enable” command is specified and can only go to ports on which it is not specified.
See also my article:
Configuring HP 5800