Table of Contents
Advertisement
Table 62: IPv4 Source Guard Commands
Command
show ip source-guard
show ip source-guard
binding
ip source-guard
This command adds a static address to the source-guard ACL or MAC address
binding table. Use the no form to remove a static entry.
binding
Syntax
Default Setting
No configured entries
Command Mode
Global Configuration
Command Usage
◆
◆
◆
Function
Shows whether source guard is enabled or disabled on
each interface
Shows the source guard binding table
ip source-guard binding [mode {acl | mac}] mac-address
vlan vlan-id ip-address interface ethernet unit/port-list
no ip source-guard binding [mode {acl | mac}] mac-address vlan vlan-id
mode - Specifies the binding mode.
acl - Adds binding to ACL table.
mac - Adds binding to MAC address table.
mac-address - A valid unicast MAC address.
vlan-id - ID of a configured VLAN for an ACL filtering table or a range of
VLANs for a MAC address filtering table. To specify a list separate
nonconsecutive VLAN identifiers with a comma and no spaces; use a
hyphen to designate a range of IDs. (Range: 1-4094)
ip-address - A valid unicast IP address, including classful types A, B or C.
unit - Unit identifier. (Range: 1)
port-list - Physical port number or list of port numbers. Separate
nonconsecutive port numbers with a comma and no spaces; or use a
hyphen to designate a range of port numbers. (Range: 1-28/52)
If the binding mode is not specified in this command, the entry is bound to the
ACL table by default.
Table entries include a MAC address, IP address, lease time, entry type (Static-IP-
SG-Binding, Dynamic-DHCP-Binding), VLAN identifier, and port identifier.
All static entries are configured with an infinite lease time, which is indicated
with a value of zero by the
– 331 –
Chapter 9
show ip source-guard
command
| General Security Measures
IPv4 Source Guard
Mode
PE
PE
(page
336).
Hide quick links:
Advertisement
Table of Contents
