User Validity Check And Arp Packet Validity Check Configuration Example - HP MSR2000 Configuration Manual
Hide thumbs
Also See for MSR2000:
- Configuration manual (455 pages) ,
- Manual (73 pages) ,
- High availability configuration manual (91 pages)
Table of Contents
Advertisement
3.
Configure Host A and Host B as 802.1X clients and configure them to upload IP addresses for ARP
detection. (Details not shown.)
4.
Configure Switch B:
# Enable the 802.1X function.
<SwitchB> system-view
[SwitchB] dot1x
[SwitchB] interface ethernet 1/1
[SwitchB-Ethernet1/1] dot1x
[SwitchB-Ethernet1/1] quit
[SwitchB] interface ethernet 1/2
[SwitchB-Ethernet1/2] dot1x
[SwitchB-Ethernet1/2] quit
# Add a local user test.
[SwitchB] local-user test
[SwitchB-luser-test] service-type lan-access
[SwitchB-luser-test] password simple test
[SwitchB-luser-test] quit
# Enable ARP detection for VLAN 10 to check user validity based on 802.1X entries.
[SwitchB] vlan 10
[SwitchB-vlan10] arp detection enable
# Configure the upstream interface as an ARP-trusted interface (an interface is an untrusted
interface by default).
[SwitchB-vlan10] interface ethernet 1/3
[SwitchB-Ethernet1/3] arp detection trust
[SwitchB-Ethernet1/3] quit
After the configurations are completed, ARP packets received on interfaces Ethernet 1/1 and
Ethernet 1/2 are checked against 802.1X entries.
User validity check and ARP packet validity check
configuration example
Network requirements
As shown in
based on static IP source guard binding entries and DHCP snooping entries for connected hosts.
Figure
82, configure Switch B to perform ARP packet validity check and user validity check
285
Advertisement
Table of Contents
Troubleshooting
