Configuring An Interface As The Trusted Interface - Huawei Quidway S3700 Series Configuration Manual
Hide thumbs
Also See for Quidway S3700 Series:
- Configuration manual (398 pages) ,
- Quick start manual (70 pages) ,
- Manual (69 pages)
Table of Contents
Advertisement
Quidway S3700 Series Ethernet Switches
Configuration Guide - Security
l
----End
11.3.3 Configuring an Interface as the Trusted Interface
Generally, the network-side interface of the S3700 is configured as the trusted interface and
user-side interfaces of the S3700 are configured as untrusted interfaces.
Context
When RA messages sent from the ND server pass through the trusted interface of the S3700,
the S3700 establishes the prefix management table according to the RA messages. The prefix
management table saves information about prefixes allocated to the S3700 in the RA messages.
The S3700 discards the RA messages received from untrusted interfaces.
Generally, the interface connected to the ND server is configured as the trusted interface and
other interfaces are configured as untrusted interfaces.
After ND snooping is enabled on an interface, the interface is an untrusted interface by default.
Procedure
l
Issue 01 (2011-07-15)
5.
Run:
nd snooping enable
ND snooping is enabled on the interface.
Configuring ND snooping in a VLAN
1.
Run:
system-view
The system view is displayed.
2.
Run:
dhcp enable
DHCP is enabled globally.
3.
Run:
nd snooping enable
ND snooping is enabled globally.
4.
Run:
vlan vlan-id
The VLAN view is displayed.
5.
Run:
nd snooping enable
ND snooping is enabled in the VLAN.
Configuring ND snooping on an interface
1.
Run:
system-view
The system view is displayed.
2.
Run:
interface interface-type interface-number
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
11 ND Snooping Configuration
255
Advertisement
Table of Contents
