HP 6125XLG Configuration Manual page 175

On port Ten-GigabitEthernet 1/1/5 of Switch A, only IP packets from Host A can pass.
•
• On port Ten-GigabitEthernet 1/1/6 of Switch B, only IP packets from Host A can pass.
On port Ten-GigabitEthernet 1/1/5 of Switch B, only IP packets from Host B can pass.
•
Figure 57 Network diagram
Configuration procedure
1. Configure Switch A:
# Configure IP addresses for the interfaces. (Details not shown.)
# Enable IPv4 source guard on port Ten-GigabitEthernet 1/1/6.
<SwitchA> system-view
[SwitchA] interface ten-gigabitEthernet 1/1/6
[SwitchA-Ten-GigabitEthernet1/1/6] ip verify source ip-address mac-address
# On Ten-GigabitEthernet 1/1/6, configure a static IPv4 source guard binding entry to allow only
IP packets with the source MAC address of 0001-0203-0405 and the source IP address of
192.168.0.3 to pass.
[SwitchA-Ten-GigabitEthernet1/1/6] ip source binding ip-address 192.168.0.3
mac-address 0001-0203-0405
[SwitchA-Ten-GigabitEthernet1/1/6] quit
# Enable IPv4 source guard on port Ten-GigabitEthernet 1/1/5.
[SwitchA] interface ten-gigabitEthernet 1/1/5
[SwitchA-Ten-GigabitEthernet1/1/5] ip verify source ip-address mac-address
# On Ten-GigabitEthernet 1/1/5, configure a static IPv4 source guard binding entry to allow only
IP packets with the source MAC address of 0001-0203-0406 and the source IP address of
192.168.0.1 to pass.
[SwitchA-Ten-GigabitEthernet1/1/5] ip source binding ip-address 192.168.0.1
mac-address 0001-0203-0406
[SwitchA-Ten-GigabitEthernet1/1/5] quit
2. Configure Switch B:
# Configure an IP address for each interface. (Details not shown.)
# Enable IPv4 source guard on port Ten-GigabitEthernet 1/1/6.
<SwitchB> system-view
[SwitchB] interface ten-gigabitEthernet 1/1/6
[SwitchB-Ten-GigabitEthernet1/1/6] ip verify source ip-address mac-address
166