Table of Contents
Advertisement
Security Suite
IP Source Guard
STEP 3
STEP 1
STEP 2
IP Source Guard
SPS208G/SPS224G4/SPS2024 Service Provider Switches User Guide
Click Add To List. The new ARP-enabled VLAN configuration is added to the
VLAN Table
.
The List To VLAN Table contains a list of ARP-enabled VLANs on the device. The
List To VLAN Table contains the following fields:
•
VLAN ID — Indicates the VLAN on which ARP inspection is enabled.
•
List Name — Indicates the ARP Inspection Lists assigned to this VLAN.
To delete an ARP-enabled VLAN from the device:
In the
List To VLAN Table
Click Delete. The selected VLAN is deleted from the device.
IP Source Guard is a security feature that restricts the client IP traffic to those
source IP addresses configured in the DHCP Snooping Binding Database and in
manually configured IP source bindings. For example, IP Source Guard can help
prevent traffic attacks caused when a host tries to use the IP address of its
neighbor.
DHCP snooping must be enabled on the device's untrusted interfaces and on the
relevant VLAN, in order to activate the IP source guard feature.
•
IP Source Guard must be enabled globally in the
before it can be enabled on the device interfaces.
•
IP Source Guard uses Ternary Content Addressable Memory (TCAM)
resources, requiring use of 1 TCAM rule per 1 IP Source Guard address
entry. If the number of IP Source Guard entries exceeds the number of
available TCAM rules, new IP source guard addresses remain inactive.
•
IP Source Guard cannot be configured on a routed port.
•
If IP Source Guard and MAC address filtering is enabled on a port, Port
Security cannot be activated on the same port.
, select the entry.
8
List To
IP Source Guard Screen
150
Hide quick links:
Advertisement
Table of Contents
