DES-3550 Layer 2 Fast Ethernet Switch
26
IP-MAC BINDING
The IP-MAC binding feature is a security measure that restricts access to a Switch to authorized users. Only the authorized
client can access a Switch’s port by comparing a pre-configured IP/MAC matching database to the IP/MAC match extracted
form ARP request or acknowledgement packets. If the comparison test fails, the user is not authorized, the packet is dropped
and the user is effectively blocked from access. IP-MAC binding may be enabled on a per port basis. IP-MAC binding is
useful for preventing IP spoofing and other abuses.
The IP-MAC Binding commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in
the following table.
Command Parameters
create address_binding ip_mac ipaddress <ipaddr> mac_address <macaddr>
config address_binding ip_mac ipaddress <ipaddr> mac_address <macaddr>
config address_binding ip_mac ports
[ <por
tlist> | all ] state [enable | disable] show address_binding [ ip_mac { [ all | ipaddress<ipaddr> mac_address<macaddr> ] }
| blocked { [ all |
vlan_name <vlan_name> mac_address<macaddr> ] } | ports ]
delete address-binding [ ip-mac [ ipaddress<ipaddr> mac_address<macaddr> | all ]
| blocked
[ all | vlan_name<vlan_name> mac_address<macaddr> ] ]
Each command is listed, in detail, in the following sections.
225
To Next Page
Loading...
