Table of Contents
Advertisement
Table 365: Components of the Port Security Topology
Properties
Switch hardware
VLAN name and ID
VLAN subnets
Interfaces in
employee-vlan
Interface for DHCP server
Copyright © 2010, Juniper Networks, Inc.
Figure 68: Network Topology for Basic Port Security
The components of the topology for this example are shown in Table 365 on page 2851.
Settings
One EX3200-24P, 24 ports (8 PoE ports)
employee-vlan
192.0.2.16/28
192.0.2.17
192.0.2.31
ge-0/0/1
ge-0/0/8
In this example, the switch is initially configured with the default port security setup. In
the default configuration on the switch:
Secure port access is activated on the switch.
DHCP snooping and DAI are disabled on all VLANs.
All access ports are untrusted and all trunk ports are trusted for DHCP snooping, which
is the default setting.
In the configuration tasks for this example, you set the DHCP server first as untrusted
and then as trusted; you enable DHCP snooping, DAI, and MAC move limiting on a VLAN;
Chapter 94: Examples: Port Security Configuration
, tag
20
through
192.0.2.30
is subnet's broadcast address
,
,
,
ge-0/0/2
ge-0/0/3
ge-0/0/8
2851
Advertisement
Chapters
Table of Contents
Troubleshooting
