Overview and Topology
Table 370: Components of the Port Security Topology
Properties
Switch hardware
VLAN name and ID
VLAN subnets
Copyright © 2010, Juniper Networks, Inc.
Configured the VLAN
employee-vlan
with Multiple VLANs for EX Series Switches" on page 1312.
Ethernet LANs are vulnerable to address spoofing and DoS attacks on network devices.
This example describes how to protect the switch from an attack on the DHCP snooping
database that alters the MAC addresses assigned to some clients.
This example shows how to configure port security features on an EX3200-24P switch
that is connected to a DHCP server.
The setup for this example includes the VLAN
for creating that VLAN is described in the topic "Example: Setting Up Bridging with Multiple
VLANs for EX Series Switches" on page 1312. That procedure is not repeated here. Figure
73 on page 2871 illustrates the topology for this example.
Figure 73: Network Topology for Basic Port Security
The components of the topology for this example are shown in Table 370 on page 2871.
Settings
One EX3200-24P, 24 ports (8 PoE ports)
employee-vlan
192.0.2.16/28
192.0.2.17
192.0.2.31
Chapter 94: Examples: Port Security Configuration
on the switch. See "Example: Setting Up Bridging
employee-vlan
, tag
20
through
192.0.2.30
is subnet's broadcast address
on the switch. The procedure
2871