293
NOTE:
• To implement dynamic IPv4 source
uard, make sure that DHCP snoopin
or DHCP relay is confi
ured
and works normally. For DHCP configuration information, see the
Layer 3—IP Services Configuration
Guide
.
• If you configure dynamic IPv4 source guard on a port for multiple times, the last configuration will
overwrite the previous configuration on the port.
Setting the maximum number of IPv4 source guard entries
The maximum number of IPv4 source guard entries is used to limit the total number of static and dynamic
IPv4 source guard entries on a port. When the number of IPv4 binding entries on a port reaches the
maximum, the port does not allowed new IPv4 binding entries any more.
Follow these steps to configure the maximum number of IPv4 binding entries allowed on a port:
To do… Use the command… Remarks
Enter system view system-view —
Enter Layer 2 Ethernet interface
view
interface interface-type
interface-number
—
Configure the maximum number of
IPv4 binding entries allowed on the
port
ip check source max-entries
number
Optional
256 by default.
NOTE:
If the maximum number of IPv4 bindin
entries to be confi
ured is smaller than the number of existin
IPv4
binding entries on the port, the maximum number can be configured successfully and the existing entries
ill not be affected. New IPv4 bindin
entries, however, cannot be added more unless the number of IPv4
binding entries on the port drops below the configured maximum.
Configuring IPv6 source guard
NOTE:
You cannot configure the IP source guard function on a port in an a
re
ation
roup, nor can you add a
port configured with IP source guard to an aggregation group.
Configuring static IPv6 source guard
Follow the steps to configure a port-based static IPv6 source guard entry:
To do… Use the command… Remarks
Enter system view system-view —
Enter Layer 2 Ethernet interface
view
interface interface-type
interface-number
—
To Next Page
Loading...
