Destination MAC verification: enabled
IP Source Guard: enabled, Logging: enabled
This example shows the logging display:
LC/0/0/CPU0:Jun 16 13:28:28.697 : l2fib[188]: %L2-L2FIB-5-SECURITY_DAI_VIOLATION_AC : Dynamic
ARP inspection in AC GigabitEthernet0_0_0_7.1000 detected violated packet - source MAC:
0000.0000.0065, destination MAC: 0000.0040.0000, sender MAC: 0000.0000.0064, target MAC:
0000.0000.0000, sender IP: 5.6.6.6, target IP: 130.10.3.2
LC/0/5/CPU0:Jun 16 13:28:38.716 : l2fib[188]: %L2-L2FIB-5-SECURITY_DAI_VIOLATION_AC : Dynamic
ARP inspection in AC Bundle-Ether100.103 detected violated packet - source MAC:
0000.0000.0067, destination MAC: 0000.2300.0000, sender MAC: 0000.7800.0034, target MAC:
0000.0000.0000, sender IP: 130.2.5.1, target IP: 50.5.1.25
Configuring IP Source Guard: Example
This example shows how to configure basic IP source guard under a bridge domain:
config
l2vpn
bridge group MyGroup
bridge-domain MyDomain
ip-source-guard logging
This example shows how to configure basic IP source guard under a bridge port:
config
l2vpn
bridge group MyGroup
bridge-domain MyDomain
interface gigabitEthernet 0/1/0/0.1
ip-source-guard logging
This example shows how to configure optional IP source guard under a bridge domain:
l2vpn
bridge group SECURE
bridge-domain SECURE-IPSG
ip-source-guard
logging
This example shows how to configure optional IP source guard under a bridge port:
l2vpn
bridge group SECURE
bridge-domain SECURE-IPSG
interface GigabitEthernet0/0/0/1.10
ip-source-guard
logging
This example shows the output of the show l2vpn bridge-domain bd-name ipsg-name detail command:
# show l2vpn bridge-domain bd-name SECURE-IPSG detail
Bridge group: SECURE, bridge-domain: SECURE-IPSG, id: 2, state: up,
…
IP Source Guard: enabled, Logging: enabled
…
List of ACs:
AC: GigabitEthernet0/0/0/1.10, state is up
L2VPN and Ethernet Services Configuration Guide for Cisco ASR 9000 Series Routers, IOS XR Release 6.3.x
342
Implementing Multipoint Layer 2 Services
Configuring IP Source Guard: Example
To Next Page
Loading...
