Operation Manual - Network Protocol
Quidway S3500 Series Ethernet Switches Chapter 8 Access Management Configuration
Huawei Technologies Proprietary
8-5
z Port+IP binding: binding the packet’s receiving port and its source IP address. The
specified port will only allow the packet with specified IP address to pass. However,
packets with this IP address can pass other ports, which refer to those ports where
ACLs to restrict the passing of this IP address are not set.
z Port+MAC binding: binding the packet’s receiving port and its source MAC
address. The specified port will only allow the packet with specified MAC address
to pass. However, packets with this MAC address can pass other ports, which
refer to those ports where ACLs to restrict the passing of this MAC address are not
set.
z Port+IP+MAC binding: binding the packet’s receiving port, source IP address and
source MAC address. The specified port will only allow the packet with specified IP
and MAC address to pass. However, packets with this MAC or IP address can
pass other ports, which refer to those ports where ACLs to restrict the passing of
this MAC and IP addresses are not set.
z IP+MAC binding: binding the packet’s source IP address and its source MAC
address. If the packet’s source IP address and its specified IP is the same, then
the packet is relayed only when its source MAC address is the specified MAC
address. Likewise, if the packet’s source MAC is the same as the specified MAC
address, then the packet is relayed only when its source IP address is the same as
the specified IP address.
Perform the following configuration in the system view.
Table 8-6 Binding Port, IP Address and MAC Address
Operation Command
bind port, IP address and MAC
address
am user-bind { interface { interface-name |
interface-type interface-number } { mac-addr mac
| ip-addr ip }* | mac-addr mac { interface
{ interface-name | interface-type
interface-number } | ip-addr ip }* | ip-addr ip
{ interface { interface-name | interface-type
interface-number } | mac-addr mac }* }
Remove the binding of port, IP
address and MAC address
binding
undo am user-bind { interface { interface-name |
interface-type interface-number } { mac-addr mac
| ip-addr ip }* | mac-addr mac { interface
{ interface-name | interface-type
interface-number } | ip-addr ip }* | ip-addr ip
{ interface { interface-name | interface-type
interface-number } | mac-addr mac }* }
Note that:
z One MAC address or one IP address cannot be bound more than once.
z The maximum binding number is 128.
z Do not perform “Port+IP+MAC” and “Port+IP” on the same port.
To Next Page
Loading...
