Zte ZXR10 5900 Series - DAI Configuration Example

To Next Page

To Previous Page

Chapter17SecurityConguration

DAIConfigurationExample

AsshowninFigure40,VLAN2isconguredonswitchandDAIis

run.

FIGURE40DAICONFIGURATIONEXAMPLE

Prerequisites:DHCPSNOOPINGfunctionisopenedinVLAN2.

ZXR10(config)#ipdhcpsnoopingenable

ZXR10(config)#ipdhcpsnoopingvlan2

VLAN2isconguredonswitchAandDAIisrun.

ZXR10(config-vlan2)#iparpinspection

Gei_1/1andgei_1/2areboundwithVLAN2.

Gei_1/1issetasuntrustedinterface(thedefaultattributeisun-

trustedinterface).

ThelegalARPpacket(legalARPpacket:consistentwitchIP+port+

MACinDHCPbindingtable)thathostAsendstoswitchisbroad-

castinVLAN.HostBcanreceiveARPpacket.Theillegalpacketis

discardedandnotforwarded.HostBcan’treceiveARPpacket.

Ifgei_1/1issetastrustedinterface,

hostAsendsARPpacket(legal/illegal)toswitch.Switchforwards

ARPpacketbyhardwaretoallinterfacesthatareboundwithVLAN

1.HostBcanreceiveARPpacket.Whenconguringinterfacelim-

CondentialandProprietaryInformationofZTECORPORATION179

Other manuals for Zte ZXR10 5900 Series