Complete Software Guide for Junos
Table 368: Components of the Port Security Topology
Properties
Switch hardware
VLAN name and ID
Interfaces in
employee-vlan
Interface for DHCP server
Configuration
CLI Quick
Configuration
2864
®
OS for EX Series Ethernet Switches, Release 10.3
Figure 71: Network Topology for Basic Port Security
The components of the topology for this example are shown in Table 368 on page 2864.
In this example, the switch has already been configured as follows:
Secure port access is activated on the switch.
No MAC limit is set on any of the interfaces.
DHCP snooping is disabled on the VLAN
All access interfaces are untrusted, which is the default setting.
To configure the MAC limiting port security feature to protect the switch against DHCP
starvation attacks:
To quickly configure MAC limiting, copy the following commands and paste them into
the switch terminal window:
Settings
One EX3200-24P, 24 ports (8 PoE ports)
default
,
,
ge-0/0/1
ge-0/0/2
ge-0/0/3
ge-0/0/8
employee-vlan
Copyright © 2010, Juniper Networks, Inc.
,
ge-0/0/8
.