HP 6125XLG Configuration Manual page 177
Blade switch security configuration guide
Hide thumbs
Also See for 6125XLG:
- Layer 3 - ip routing configuration manual (492 pages) ,
- Command reference manual (466 pages) ,
- Configuration manual (414 pages)
Table of Contents
Advertisement
Figure 58 Network diagram
Configuration procedure
1.
Configure the DHCP server.
For information about DHCP server configuration, see Layer 3—IP Services Configuration Guide.
2.
Configure DHCP snooping on the switch:
# Configure IP addresses for the interfaces. (Details not shown.)
# Enable DHCP snooping.
<Switch> system-view
[Switch] dhcp snooping enable
# Configure Ten-GigabitEthernet 1/1/6 as a trusted port.
[Switch] interface ten-gigabitEthernet1/1/6
[Switch-Ten-GigabitEthernet1/1/6] dhcp snooping trust
[Switch-Ten-GigabitEthernet1/1/6] quit
3.
Configure IPv4 source guard on the switch:
# Enable IPv4 source guard on Ten-GigabitEthernet 1/1/5 to filter packets based on both the
source IP address and the MAC address.
[Switch] interface ten-gigabitEthernet 1/1/5
[Switch-Ten-GigabitEthernet1/1/5] ip verify source ip-address mac-address
# Enable recording of client information in DHCP snooping entries on Ten-GigabitEthernet 1/1/5.
[Switch-Ten-GigabitEthernet1/1/5] dhcp snooping binding record
[Switch-Ten-GigabitEthernet1/1/5] quit
Verifying the configuration
# Display dynamic IPv4 source guard binding entries obtained from DHCP snooping.
[Switch] display ip source binding dhcp-snooping
Total entries found: 1
IP Address
192.168.0.1
The output shows that IP source guard has generated a dynamic IPv4 binding entry on
Ten-GigabitEthernet 1/1/5 based on the DHCP snooping entry.
MAC Address
Interface
0001-0203-0406 XGE1/1/5
168
VLAN Type
1
DHCP snooping
Advertisement
Table of Contents
Troubleshooting
