Ip Source Guard; Chapter 19 Ip Source Guard; Overview - ZyXEL Communications MES-2110 User Manual
Intelligent layer 2 switch
Hide thumbs
Also See for MES-2110:
- Manual (2 pages) ,
- User manual (184 pages) ,
- Support notes (53 pages)
Table of Contents
Advertisement
C
H A P T E R
19.1 Overview
IP source guard uses a binding table to distinguish between authorized and
unauthorized DHCP and ARP frames in your network. A binding contains these key
attributes:
• MAC address
• VLAN ID
• IP address
• Port number
When the MES-2110 receives a DHCP or ARP frame, it looks up the appropriate
MAC address, VLAN ID, IP address, and port number in the binding table. If there
is a binding, the MES-2110 forwards the frame. If there is not a binding, the MES-
2110 discards the frame.
The MES-2110 builds the binding table by snooping DHCP frames (dynamic
bindings) and from information provided manually by administrators (static
bindings).
IP source guard consists of the following features:
• Static bindings. Use this to create static bindings in the binding table.
• DHCP snooping. Use this to filter unauthorized DHCP frames on the network and
to build the binding table dynamically.
• ARP inspection. Use this to filter unauthorized ARP frames on the network.
If you want to use dynamic bindings to filter unauthorized ARP frames (typical
implementation), you have to enable DHCP snooping before you enable ARP
inspection.
MES-2110 User's Guide
IP Source Guard
19
141
Advertisement
Table of Contents
