HP 5120 SI Series

HP 5120 SI Series

385 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

313

Configuration procedure

1. Add all the ports on Switch B into VLAN 10, and configure the IP address of VLAN-interface 10 on

Switch A. (Omitted)

2. Configure Switch A as a DHCP server

# Configure DHCP address pool 0

<SwitchA> system-view

[SwitchA] dhcp enable

[SwitchA] dhcp server ip-pool 0

[SwitchA-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0

3. Configure Host A and Host B as 802.1X clients (the configuration procedure is omitted) and

configure them to upload IP addresses for ARP detection.

4. Configure Switch B

# Enable the 802.1X function.

<SwitchB> system-view

[SwitchB] dot1x

[SwitchB] interface gigabitethernet 1/0/1

[SwitchB-Gigabitethernet 1/0/1] dot1x

[SwitchB-Gigabitethernet 1/0/1] quit

[SwitchB] interface gigabitethernet 1/0/2

[SwitchB-Gigabitethernet 1/0/2] dot1x

[SwitchB-Gigabitethernet 1/0/2] quit

# Add local access user test.

[SwitchB] local-user test

[SwitchB-luser-test] service-type lan-access

[SwitchB-luser-test] password simple test

[SwitchB-luser-test] quit

# Enable ARP detection for VLAN 10.

[SwitchB] vlan 10

[SwitchB-vlan10] arp detection enable

# Configure the upstream port as a trusted port and the downstream ports as untrusted ports (a port is an

untrusted port by default).

[SwitchB-vlan10] interface gigabitethernet 1/0/3

[SwitchB-Gigabitethernet1/0/3] arp detection trust

[SwitchB-Gigabitethernet1/0/3] quit

After the preceding configurations are complete, when ARP packets arrive at interfaces GigabitEthernet

1/0/1 and GigabitEthernet 1/0/2, they are checked against 802.1X security entries.

ARP restricted forwarding configuration example

Network requirements

As shown in Figure 113 , Switch A acts as a DHCP server. Host A acts as a DHCP client. Host B's IP

address is 10.1.1.6, and its MAC address is 0001-0203-0607. Port isolation configured on Switch B

isolates the two hosts at Layer 2, which can communicate with the gateway Switch A. GigabitEthernet

1/0/1, GigabitEthernet 1/0/2 and GigabitEthernet 1/0/3 belong to VLAN 10. Switch B is enabled

with DHCP snooping, and has ARP detection enabled in VLAN 10.

Table of Contents

Other manuals for HP 5120 SI Series

Command Reference395 pages

Specification33 pages

Related product manuals

Preview: HP 5120 EI Switch Series

HP 5120 EI Switch Series

Preview: HP 5120 series

Preview: HP 5120 EI Series

HP 5120 EI Series

Preview: HP A3100-8 v2 SI

HP A3100-8 v2 SI

Preview: HP A5500 SI Switch Series

HP A5500 SI Switch Series

Preview: HP 5130 EI series

HP 5130 EI series

Preview: HP 5130-24G-4SFP+ EI

HP 5130-24G-4SFP+ EI

Preview: HP 5130 EI Switch Series

HP 5130 EI Switch Series

HP HPE 5140 24G 4SFP+ EI

Preview: HP FlexNetwork 5130 HI series

HP FlexNetwork 5130 HI series

Preview: HP FlexNetwork 5140 EI Series

HP FlexNetwork 5140 EI Series

Preview: HP 5920