DES-1210-28/ME Metro Ethernet Managed Switch CLI Reference Guide
45
12
1212
12
IP-MAC-PORT BINDING COMMANDS
The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address.
Binding these two address types together allows the transmission of data between the layers. The
primary purpose of IP-MAC-port binding is to restrict the access to a switch to a number of authorized
users. Only the authorized client can access the Switch’s port by checking the pair of IP-MAC addresses
with the pre-configured database. If an unauthorized user tries to access an IP-MAC-port binding
enabled port, the system will block the access by dropping its packet. The maximum number of IP-MAC-
port binding entries is dependant on chip capability (e.g. the ARP table size) and storage size of the
device. For the Switch, the maximum value for the IP-MAC-port binding ARP mode is 500. The creation
of authorized users can be manually configured by CLI or Web. The function is port-based, meaning a
user can enable or disable the function on the individual port.
The IP-MAC-Port Binding commands in the Command Line Interface (CLI) are listed (along with the
appropriate parameters) in the following table:
Command Parameter
create address_binding
ip_mac ipaddress
<ipaddr> m
ac_addres
s <mac
addr> ports
<port 1-28
>
config address_binding
ip_mac ports
[<portlist> | all] {state [disable | enable] | ip_inspection [disable | enable] |
arp_inspection [loose | strict]}
config address_binding
auto_scan
from_ip <ipaddr> to_ip <ipaddr>
delete address_binding
[ip_mac [ipaddress <ipaddr> mac_address <macaddr> | all] | blocked [all |
vlan_nam
e <vlan_nam
e> m
ac_address <m
acaddr>
port <p
ort 1-28>]
]
show address_binding
{[ip_mac [all | {ipaddress <ipaddr> | mac_address <macaddr>}] | blocked [all |
vlan_nam
e <vlan_nam
e> m
ac_address <m
acaddr>
port <p
ort 1-28>]
| ports]}
show address_binding
auto_scan list
enable
address_binding
dhcp_snoop
ports [<portlist> | all]
disable
address_binding
dhcp_snoop
ports [<portlist> | all]
Each command is listed in detail, as follows:
create address_binding ip_mac ipaddress
Purpose Used to create an IP-MAC-port binding entry.
Syntax
create address_binding ip_mac ipaddress <ipaddr>
mac_add
ress <mac
addr> p
orts <port
1-28>
Description
The create address_binding ip_mac ipaddress command is used to
create an IP-MAC-port binding entry.
Parameters
<ipaddr> – The IP address of the device where the IP-MAC-port
binding is made.
To Next Page
Loading...
