Download Print this page

Debugging Dynamic Ip Lockdown; Differences Between Switch Platforms - HP 2530 Manual Supplement

Hide thumbs Also See for 2530:

Quick setup manual (6 pages)

,

Quick setup manual (9 pages)

,

Installation and getting started manual (93 pages)

Table Of Contents

Table of Contents

Advertisement

Debugging dynamic IP lockdown

To enable debugging of packets dropped by dynamic IP lockdown, enter the debug

dynamic-ip-lockdown command.

Syntax:

debug dynamic-ip-lockdown

To send command output to the active CLI session, enter the debug destination session

command.

Counters for denied packets are displayed in debug security dynamic-iplockdown

command output. Packet counts are updated every five minutes.

command output" (page 25)

When dynamic IP lockdown drops IP packets in VLAN traffic that do not contain a known source

IP-to-MAC address binding for the port where the packets are received, a message is entered in

the event log.

Syntax:

debug destination session

Example 17 The debug dynamic-ip-lockdown command output

HP Switch(config)# debug dynamic-ip-lockdown

DIPLD 01/01/90 00:01:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 1 packets

DIPLD 01/01/90 00:06:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 294 packets

DIPLD 01/01/90 00:11:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 300 packets

DIPLD 01/01/90 00:16:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 300 packets

DIPLD 01/01/90 00:21:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 299 packets

DIPLD 01/01/90 00:26:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 300 packets

DIPLD 01/01/90 00:31:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 300 packets

DIPLD 01/01/90 00:36:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 299 packets

DIPLD 01/01/90 00:41:25 : denied ip 192.168.2.100 (0)

(PORT 4) -> 192.168.2.1 (0), 300 packets

Differences between switch platforms

Differences in the feature set and operation of Dynamic IP Lockdown depend on the switch where

it is implemented as listed below.

There is no restriction on GVRP on 2620, 3500, 3500yl, 5400zl, 6200yl, 6600, and 8200zl

switches.

"Dynamic IP lockdown host limits" (page 26)

shows an example of command output.

shows host limits for dynamic IP Lockdown.

"The debug dynamic-ip-lockdown

Dynamic IP Lockdown

25

Table of Contents

Show Quick Links

Hide quick links:

Advertisement

Table of Contents