H3C S5120-SI Series Operation Manual page 214
Hide thumbs
Also See for S5120-SI Series:
- Command reference manual (910 pages) ,
- Configuration manual (745 pages) ,
- Installation manual (70 pages)
Table of Contents
Advertisement
Figure 2-2 Network diagram for ARP detection configuration
DHCP snooping
GE1/0/3
Switch A
GE1/0/1
Host A
DHCP client
Configuration procedure
1)
Add all the ports on Switch A to VLAN 10 (the configuration procedure is omitted).
2)
Configure DHCP server (the configuration procedure is omitted).
3)
Configure Host A as DHCP client, and Host B as user respectively (the configuration procedure is
omitted)
4)
Configure Switch A
# Enable DHCP snooping.
<SwitchA> system-view
[SwitchA] dhcp-snooping
[SwitchA] interface GigabitEthernet 1/0/3
[SwitchA-GigabitEthernet1/0/3] dhcp-snooping trust
[SwitchA-GigabitEthernet1/0/3] quit
# Enable ARP detection for VLAN 10.
[SwitchA] vlan 10
[SwitchA-vlan10] arp detection enable
# Configure the upstream port as a trusted port and the downstream ports as untrusted ports (a port is
an untrusted port by default).
[SwitchA-vlan10] interface GigabitEthernet 1/0/3
[SwitchA-GigabitEthernet1/0/3] arp detection trust
[SwitchA-GigabitEthernet1/0/3] quit
# Configure a static IP-to-MAC binding.
[SwitchA] arp detection static-bind 10.1.1.1 000f-e249-8050
# Enable ARP detection based on both DHCP snooping entries and static IP-to-MAC bindings.
[SwitchA] arp detection mode dhcp-snooping
[SwitchA] arp detection mode static-bind
# Enable the checking of the MAC addresses and IP addresses of ARP packets.
[SwitchA] arp detection validate dst-mac ip src-mac
Gateway
DHCP server
VLAN 10
GE1/0/2
Host B
10.1.1.6
0001-0203-0607
2-8
Advertisement
Chapters
Table of Contents
Troubleshooting
