EasyManuals Logo

Cisco ASR 9000 Series Configuration Guidelines

Cisco ASR 9000 Series
694 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #368 background imageLoading...
Page #368 background image
Destination MAC verification: enabled
IP Source Guard: enabled, Logging: enabled
This example shows the logging display:
LC/0/0/CPU0:Jun 16 13:28:28.697 : l2fib[188]: %L2-L2FIB-5-SECURITY_DAI_VIOLATION_AC : Dynamic
ARP inspection in AC GigabitEthernet0_0_0_7.1000 detected violated packet - source MAC:
0000.0000.0065, destination MAC: 0000.0040.0000, sender MAC: 0000.0000.0064, target MAC:
0000.0000.0000, sender IP: 5.6.6.6, target IP: 130.10.3.2
LC/0/5/CPU0:Jun 16 13:28:38.716 : l2fib[188]: %L2-L2FIB-5-SECURITY_DAI_VIOLATION_AC : Dynamic
ARP inspection in AC Bundle-Ether100.103 detected violated packet - source MAC:
0000.0000.0067, destination MAC: 0000.2300.0000, sender MAC: 0000.7800.0034, target MAC:
0000.0000.0000, sender IP: 130.2.5.1, target IP: 50.5.1.25
Configuring IP Source Guard: Example
This example shows how to configure basic IP source guard under a bridge domain:
config
l2vpn
bridge group MyGroup
bridge-domain MyDomain
ip-source-guard logging
This example shows how to configure basic IP source guard under a bridge port:
config
l2vpn
bridge group MyGroup
bridge-domain MyDomain
interface gigabitEthernet 0/1/0/0.1
ip-source-guard logging
This example shows how to configure optional IP source guard under a bridge domain:
l2vpn
bridge group SECURE
bridge-domain SECURE-IPSG
ip-source-guard
logging
This example shows how to configure optional IP source guard under a bridge port:
l2vpn
bridge group SECURE
bridge-domain SECURE-IPSG
interface GigabitEthernet0/0/0/1.10
ip-source-guard
logging
This example shows the output of the show l2vpn bridge-domain bd-name ipsg-name detail command:
# show l2vpn bridge-domain bd-name SECURE-IPSG detail
Bridge group: SECURE, bridge-domain: SECURE-IPSG, id: 2, state: up,
…
IP Source Guard: enabled, Logging: enabled
…
List of ACs:
AC: GigabitEthernet0/0/0/1.10, state is up
L2VPN and Ethernet Services Configuration Guide for Cisco ASR 9000 Series Routers, IOS XR Release 6.3.x
342
Implementing Multipoint Layer 2 Services
Configuring IP Source Guard: Example

Table of Contents

Other manuals for Cisco ASR 9000 Series

Preview: User Configuration Guide
User Configuration Guide422 pages
Preview: Command Reference Guide
Command Reference Guide1138 pages
Preview: Configuration Guide
Configuration Guide604 pages
Preview: Routing Configuration Guide
Routing Configuration Guide702 pages
Preview: Reference Guide
Reference Guide696 pages
Preview: Command Reference
Command Reference590 pages
Preview: Installation Guide
Installation Guide284 pages
Preview: Service Configuration Guide
Service Configuration Guide204 pages
Preview: System Configuration Guide
System Configuration Guide168 pages
Preview: Configuration Manual
Configuration Manual50 pages
Preview: Manual
Manual64 pages
Preview: Software Manual
Software Manual166 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASR 9000 Series and is the answer not in the manual?

Cisco ASR 9000 Series Specifications

General IconGeneral
SeriesASR 9000
CategoryNetwork Router
Modular DesignYes
RedundancyYes (Hardware and Software)
Operating SystemCisco IOS XR
Interfaces/Ports10G, 40G, 100G, 400G Ethernet
Expansion SlotsVaries by model
Routing ProtocolBGP, OSPF, IS-IS, EIGRP
ManagementCLI, SNMP, NETCONF
Power SupplyRedundant
Port DensityVaries by model
Power Supply OptionsAC, DC
MemoryVaries by model
StorageVaries by model
DimensionsVaries by model
WeightVaries by model

Related product manuals