HP A5830 Series Configuration Manual page 226
Security switch
Hide thumbs
Also See for A5830 Series:
- Command reference manual (249 pages) ,
- Configuration manual (246 pages) ,
- Configuration manual (152 pages)
Table of Contents
Advertisement
Enable the IPv4 source guard binding function on the switch's VLAN-interface 100 to filter packets based
on the DHCP relay entry, allowing only packets from clients that obtain IP addresses from the DHCP
server to pass.
Figure 69 Network diagram for configuring dynamic IPv4 source guard binding through DHCP relay
DHCP client
Host
MAC: 0001-0203-0406
Configuration procedure
Configure the IPv4 source guard function.
1.
# Configure the IP addresses of the interfaces. (Details not shown)
# Configure the IPv4 source guard binding function on VLAN-interface 100 to filter packets based on
both the source IP address and MAC address.
<Switch> system-view
[Switch] vlan 100
[Switch-Vlan100] quit
[Switch] interface vlan-interface 100
[Switch-Vlan-interface100] ip verify source ip-address mac-address
[Switch-Vlan-interface100] quit
Configure the DHCP relay agent.
2.
# Enable the DHCP service.
[Switch] dhcp enable
# Configure the IP address of the DHCP server.
[Switch] dhcp relay server-group 1 ip 10.1.1.1
# Configure VLAN-interface 100 to work in DHCP relay mode.
[Switch] interface vlan-interface 100
[Switch-Vlan-interface100] dhcp select relay
# Correlate VLAN-interface 100 with DHCP server group 1.
[Switch-Vlan-interface100] dhcp relay server-select 1
[Switch-Vlan-interface100] quit
Verification
# Display the generated IPv4 source guard binding entries.
[Switch] display ip source binding
Total entries found: 1
MAC Address
0001-0203-0406
DHCP relay agent
Vlan-int 200
Vlan-int 100
Switch
IP Address
VLAN
192.168.0.1
100
DHCP server
10.1.1.1/24
Interface
Vlan100
218
Type
DHCP-RLY
Advertisement
Table of Contents
Troubleshooting
