Contents
xvii
Software Configuration Guide—Release 12.2(25)EW
OL-6696-01
Default Configuration for DHCP Snooping 33-3
Enabling DHCP Snooping 33-4
Enabling DHCP Snooping on Private VLAN 33-5
Enabling the DHCP Snooping Database Agent 33-6
Configuration Examples for the Database Agent 33-6
Displaying DHCP Snooping Information 33-9
Displaying a Binding Table 33-10
Displaying the DHCP Snooping Configuration 33-10
Overview of IP Source Guard 33-10
Configuring IP Source Guard on the Switch 33-11
Configuring IP Source Guard on Private VLANs 33-12
Displaying IP Source Guard Information 33-13
Displaying IP Source Binding Information 33-14
CHAPTER
34 Understanding and Configuring Dynamic ARP Inspection 34-1
Overview of Dynamic ARP Inspection 34-1
ARP Cache Poisoning 34-2
Dynamic ARP Inspection 34-2
Interface Trust state, Security Coverage and Network Configuration 34-3
Relative Priority of Static Bindings and DHCP Snooping Entries 34-4
Logging of Denied Packets 34-4
Rate Limiting of ARP Packets 34-4
Port Channels and Their Behavior 34-4
Configuring Dynamic ARP Inspection 34-5
Scenario One: Two Switches Support Dynamic ARP Inspection 34-5
Scenario Two: One Switch Supports Dynamic ARP Inspection 34-9
CHAPTER
35 Configuring Network Security with ACLs 35-1
Understanding ACLs 35-1
ACL Overview 35-2
Supported Features That Use ACLs 35-2
Router ACLs 35-3
Port ACLs 35-4
VLAN Maps 35-5
Hardware and Software ACL Support 35-5
TCAM Programming and ACLs 35-6
Layer 4 Operators in ACLs 35-7
Restrictions for Layer 4 Operations 35-8
To Next Page
Loading...
Need help?
General
