A10E/A28E/A28F Configuration Guide
Alpha-
A28E(config)#ip
verify source
{ dhcp-snooping |
dhcp-relay }
Enable IP Source Guide dynamic binding.
Alpha-
A28E(config)#ip
source binding
{ dhcp-snooping |
dhcp-relay } static
Translate the dynamic binding relationship to the
dynamic binding relationship.
Alpha-
A28E(config)#ip
source binding auto-
update
(Optional) enable auto-translation. After it is
enabled, dynamic binding entries learned through
DHCP Snooping are directly translated into static
binding entries.
6.8.6 Checking configurations
Use the following commands to check configuration results.
Alpha-A28E#show ip
verify source
Show global binding status and interface trusted
status.
Alpha-A28E#show ip
source binding [ port
port-id
]
Show configurations of IP Source Guard binding,
interface trusted status, and binding relationship
table.
6.8.7 Example for configuring IP Source Guard
Networking requirements
As shown in Figure 6-10, to prevent IP address embezzlement, you need to configure IP
Source Guard on the switch.
The switch permits all IP packets on Port 1 to pass.
Port 2 permits IP packets with specified the IP address 10.10.10.1 and subnet mask
255.255.255.0 and the IP packets meeting DHCP Snooping learnt dynamic binding
relationship to pass.
Other interfaces only permit the packets meeting DHCP Snooping learnt dynamic
binding relationship to pass.
To Next Page
Loading...