C
HAPTER
24
| General Security Measures
IPv4 Source Guard
– 916 –
COMMAND MODE
Interface Configuration (Ethernet)
COMMAND USAGE
â—† This command sets the maximum number of address entries that can
be mapped to an interface in the binding table, including both dynamic
entries discovered by DHCP snooping and static entries set by the ip
source-guard command.
EXAMPLE
This example sets the maximum number of allowed entries in the binding
table for port 5 to one entry. The mode is not specified, and therefore
defaults to the ACL binding table.
Console(config)#interface ethernet 1/5
Console(config-if)#ip source-guard max-binding 1
Console(config-if)#
ip source-guard
mode
This command sets the source-guard learning mode to search for
addresses in the ACL binding table or the MAC address binding table. Use
the no form to restore the default setting.
SYNTAX
ip source-guard mode {acl | mac}
no ip source-guard mode
mode - Specifies the learning mode.
acl - Searches for addresses in the ACL table.
mac - Searches for addresses in the MAC address table.
DEFAULT SETTING
ACL
COMMAND MODE
Interface Configuration (Ethernet)
EXAMPLE
This command sets the binding table mode for the specified interface to
MAC mode:
Console(config)#interface ethernet 1/5
Console(config-if)#ip source-guard mode mac
Console(config-if)#
To Next Page
Loading...
Need help?
General
