C
HAPTER
27
| General Security Measures
IP Source Guard
– 921 –
ip source-guard max-
binding
This command sets the maximum number of entries that can be bound to
an interface. Use the no form to restore the default setting.
SYNTAX
ip source-guard max-binding number
no ip source-guard max-binding
number - The maximum number of IP addresses that can be
mapped to an interface in the binding table. (Range: 1-5)
DEFAULT SETTING
5
COMMAND MODE
Interface Configuration (Ethernet)
COMMAND USAGE
u This command sets the maximum number of address entries that can
be mapped to an interface in the binding table, including both dynamic
entries discovered by DHCP snooping and static entries set by the ip
source-guard command.
EXAMPLE
This example sets the maximum number of allowed entries in the binding
table for port 5 to one entry.
Console(config)#interface ethernet 1/5
Console(config-if)#ip source-guard max-binding 1
Console(config-if)#
show ip source-guard This command shows whether source guard is enabled or disabled on each
interface.
COMMAND MODE
Privileged Exec
EXAMPLE
Console#show ip source-guard
Interface Filter-type Max-binding
--------- ----------- -----------
Eth 1/1 DISABLED 5
Eth 1/2 DISABLED 5
Eth 1/3 DISABLED 5
Eth 1/4 DISABLED 5
Eth 1/5 SIP 1
Eth 1/6 DISABLED 5
.
.
.
To Next Page