Configuring Ipsg For Static Hosts On A Pvlan Host Port - Cisco Catalyst 4500 Series Configuration Manual
Release ios xe 3.3.0sg and ios 15.1(1)sg
Hide thumbs
Also See for Catalyst 4500 Series:
- Software configuration manual (2086 pages) ,
- Administration manual (1814 pages) ,
- Configuration manual (1254 pages)
Table of Contents
Advertisement
Configuring IP Source Guard for Static Hosts
200.1.1.4
200.1.1.5
200.1.1.6
200.1.1.7
The following example display the count of all IP device tracking host entries for all interfaces:
Switch# show ip device tracking all count
Total IP Device Tracking Host entries: 5
---------------------------------------------------------------------
Interface
---------------------------------------------------------------------
Fa4/3
Configuring IPSG for Static Hosts on a PVLAN Host Port
You can configure IPSG for static hosts on a PVLAN host port.
To enable IPSG for static hosts with IP filters on a PVLAN host port, perform this task:
Command
Step 1
Switch(config)# vlan n1
Step 2
Switch(config-vlan)# private-vlan primary
Step 3
Switch(config-vlan)# exit
Step 4
Switch(config)# vlan n2
Step 5
Switch(config-vlan)# private-vlan isolated
Step 6
Switch(config-vlan)# exit
Step 7
Switch(config)# vlan n1
Step 8
Switch(config-vlan)# private-vlan association 201
Step 9
Switch(config-vlan)# exit
Step 10
Switch(config)# interface fastEthernet a/b
Step 11
Switch(config-if)# switchport mode private-vlan
host
Step 12
Switch(config-if)# switchport private-vlan
host-association a b
Step 13
Switch(config-if)# ip device tracking maximum n
Step 14
Switch(config-if)# ip verify source tracking
[port-security]
Step 15
Switch(config-if)# end
Step 16
Switch# show ip device tracking all
Step 17
Switch# show ip verify source interface-name
This example shows how to enable IPSG for static hosts with IP filters on a PVLAN host port:
Switch(config)# vlan 200
Switch(config-vlan)# private-vlan primary
Switch(config-vlan)# exit
Switch(config)# vlan 201
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
50-28
Chapter 50
0001.0600.0000
8
GigabitEthernet3/1
0001.0600.0000
8
GigabitEthernet3/1
0001.0600.0000
8
GigabitEthernet3/1
0001.0600.0000
8
GigabitEthernet3/1
Maximum Limit
5
Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts
INACTIVE
INACTIVE
INACTIVE
INACTIVE
Number of Entries
Purpose
Enters configuration VLAN mode.
Establishes a primary VLAN on a PVLAN port.
Exits VLAN configuration mode.
Enters configuration VLAN mode.
Establishes an isolated VLAN on a PVLAN port.
Exits VLAN configuration mode.
Enters configuration VLAN mode.
Associates the VLAN on an isolated PVLAN port.
Exits VLAN configuration mode.
Enters interface configuration mode.
(Optional) Establishes a port as a PVLAN host.
(Optional) Associates this port with the corresponding
PVLAN.
Establishes a maximum limit for the bindings on this
port.
Activates IPSG for static hosts on this port.
Exits configuration interface mode.
Verifies the configuration.
Verifies the configuration.
OL-25340-01
- Quick Links:
- Resetting a Switch to Factory Default...
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
