ES-2024 Series User’s Guide
187
CHAPTER 23
IP Source Guard
Use IP source guard to filter unauthorized ARP packets in your network.
23.1 IP Source Guard Overview
IP source guard uses a binding table to distinguish between authorized and
unauthorized ARP packets in your network. A binding contains these key
attributes:
• MAC address
•VLAN ID
• IP address
•Port number
When the Switch receives an ARP packet, it looks up the appropriate MAC address,
VLAN ID, IP address, and port number in the binding table. If there is a binding,
the Switch forwards the packet. If there is not a binding, the Switch discards the
packet.
The Switch builds from information provided manually by administrators (static
bindings).
IP source guard consists of the following features:
• Static bindings. Use this to create static bindings in the binding table.
• ARP inspection. Use this to filter unauthorized ARP packets on the network.
To Next Page
Loading...
