User Validity Check And Arp Packet Validity Check Configuration Example - HPE FlexNetwork 7500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 7500 Series:
- Security configuration manual (506 pages) ,
- Command reference manual (474 pages) ,
- Network management and monitoring command reference (430 pages)
Table of Contents
Advertisement
Task
statistics.
User validity check and ARP packet validity check
configuration example
Network requirements
As shown in
check based on static IP source guard bindings and DHCP snooping entries for connected hosts.
Figure 125 Network diagram
Device A
DHCP snooping
Device B
GE1/0/1
Host A
DHCP client
Configuration procedure
1.
Add all interfaces on Device B to VLAN 10, and specify the IP address of VLAN-interface 10 on
Device A. (Details not shown.)
2.
Configure the DHCP server on Device A, and configure DHCP address pool 0.
<DeviceA> system-view
[DeviceA] dhcp enable
[DeviceA] dhcp server ip-pool 0
[DeviceA-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0
3.
Configure Host A (DHCP client) and Host B. (Details not shown.)
4.
Configure Device B:
# Enable DHCP snooping.
<DeviceB> system-view
[DeviceB] dhcp snooping enable
[DeviceB] interface gigabitethernet 1/0/3
[DeviceB-GigabitEthernet1/0/3] dhcp snooping trust
[DeviceB-GigabitEthernet1/0/3] quit
# Enable recording of client information in DHCP snooping entries on GigabitEthernet 1/0/1.
[DeviceB] interface gigabitethernet 1/0/1
[DeviceB-GigabitEthernet1/0/1] dhcp snooping binding record
[DeviceB-GigabitEthernet1/0/1] quit
Figure
125, configure Device B to perform ARP packet validity check and user validity
Gateway
DHCP server
GE1/0/3
Vlan-int10
10.1.1.1/24
VLAN 10
GE1/0/3
GE1/0/2
Host B
10.1.1.6
0001-0203-0607
Command
interface-number ]
428
Advertisement
Table of Contents
Troubleshooting
