134
Cisco Nexus 5500 Series NX-OS Security Command Reference
OL-27883-02
Chapter I Commands
ip verify source dhcp-snooping-vlan
ip verify source dhcp-snooping-vlan
To enable IP Source Guard on a Layer 2 Ethernet interface, use the ip verify source
dhcp-snooping-vlan command. To disable IP Source Guard on a Layer 2 Ethernet interface, use the no
form of this command.
ip verify source dhcp-snooping-vlan
no ip verify source dhcp-snooping-vlan
Syntax Description This command has no arguments or keywords.
Command Default Disabled
Command Modes Interface configuration mode
Command History
Usage Guidelines Before you use this command, make sure that you enable Dynamic Host Configuration Protocol (DHCP)
snooping on the switch by using the feature dhcp command.
IP Source Guard limits IP traffic on an interface to only those sources that have an IP-MAC address
binding table entry or static IP source entry.
IP Source Guard is dependent upon DHCP snooping to build and maintain the IP-MAC address binding
table or upon manual maintenance of static IP source entries.
This command does not require a license.
Examples This example shows how to enable IP Source Guard on a Layer 2 interface:
switch# configure terminal
switch(config)# interface ethernet 1/5
switch(config-if)# ip verify source dhcp-snooping-vlan
switch(config-if)#
This example shows how to disable IP Source Guard on a Layer 2 interface:
switch# configure terminal
switch(config)# interface ethernet 1/5
switch(config-if)# no ip verify source dhcp-snooping-vlan
switch(config-if)#
Release Modification
5.2(1)N1(1) This command was introduced.
To Next Page
Loading...
