11-31
Configuring Advanced Threat Protection
Dynamic IP Lockdown
Figure 11-7. Example of debug dynamic-ip-lockdown Command Output
Differences Between Switch Platforms
There are some differences in the feature set and operation of Dynamic IP
Lockdown, depending on the switch on which it is implemented. These are
listed below.
■ There is no restriction on GVRP on switches using K and KA code
bases. However, on switches running other code bases, Dynamic IP
Lockdown is not supported if GVRP is enabled on the switch.
■ Dynamic IP Lockdown has the host limits shown in the table below.
There is a DHCP snooping limit of 8,192 entries.
HP Switch(config)# debug dynamic-ip-lockdown
DIPLD 01/01/90 00:01:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 1 packets
DIPLD 01/01/90 00:06:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 294 packets
DIPLD 01/01/90 00:11:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 300 packets
DIPLD 01/01/90 00:16:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 300 packets
DIPLD 01/01/90 00:21:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 299 packets
DIPLD 01/01/90 00:26:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 300 packets
DIPLD 01/01/90 00:31:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 300 packets
DIPLD 01/01/90 00:36:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 299 packets
DIPLD 01/01/90 00:41:25 : denied ip 192.168.2.100 (0)
(PORT 4) -> 192.168.2.1 (0), 300 packets
To Next Page
Loading...
Need help?
General
