Alcatel-Lucent 7750 SR OS Service Manual page 545
Service router - mobile gateway
Hide thumbs
Also See for 7750 SR OS:
- Manual (1948 pages) ,
- Interface configuration manual (628 pages) ,
- System configuration manual (484 pages)
Table of Contents
Advertisement
VPLS DHCP and Anti-Spoofing Commands
anti-spoof
Syntax
anti-spoof {ip | mac | ip-mac}
no anti-spoof
Context
config>service>vpls>sap
Description
This command enables anti-spoof filtering and optionally changes the anti-spoof matching type for
the SAP.
The type of anti-spoof filtering defines what information in the incoming packet is used to generate
the criteria to lookup an entry in the anti-spoof filter table. The type parameter (ip, mac, ip-mac)
defines the anti-spoof filter type enforced by the SAP when anti-spoof filtering is enabled.
The no form of the command disables anti-spoof filtering on the SAP.
Default
no anti-spoof
Parameters
ip — Configures SAP anti-spoof filtering to use only the source IP address in its lookup. If a static
mac — Configures SAP anti-spoof filtering to use only the source MAC address in its lookup. If a
ip-mac — Configures SAP anti-spoof filtering to use both the source IP address and the source MAC
arp-reply-agent
Syntax
arp-reply-agent [sub-ident]
no arp-reply-agent
Context
config>service>vpls>sap
Description
This command enables a special ARP response mechanism in the system for ARP requests destined
to static or dynamic hosts associated with the SAP. The system responds to each ARP request using
the hosts MAC address as the both the source MAC address in the Ethernet header and the target
hardware address in the ARP header.
ARP replies and requests received on a SAP with arp-reply-agent enabled will be evaluated by the
system against the anti-spoof filter entries associated with the ingress SAP (if the SAP has anti-spoof
filtering enabled). ARPs from unknown hosts on the SAP will be discarded when anti-spoof filtering
is enabled.
The ARP reply agent only responds if the ARP request enters an interface (SAP, spoke-SDP or mesh-
SDP) associated with the VPLS instance of the SAP.
A received ARP request that is not in the ARP reply agent table is flooded to all forwarding interfaces
of the VPLS capable of broadcast except the ingress interface while honoring split-horizon
constraints.
7750 SR OS Services Guide
host exists on the SAP without an IP address specified, the anti-spoof ip command will fail.
static host exists on the SAP without a specified MAC address, the anti-spoof mac command
will fail.
address in its lookup. If a static host exists on the SAP without both the IP address and MAC
address specified, the anti-spoof ip-mac command will fail.
Virtual Private LAN Services
Page 545
Advertisement
Table of Contents
