Zte ZXR10 5900E Series Instructions Manual
  1. Manuals
  2. Brands
  3. Zte Manuals
  4. Switch
  5. ZXR10 5900E Series
  6. Instructions manual
Zte ZXR10 5900E Series Instructions Manual

Zte ZXR10 5900E Series Instructions Manual

Sec ipv4 instructions
Hide thumbs Also See for ZXR10 5900E Series:
Table of Contents

Advertisement

Quick Links

See also: Configuration Manual , User Manual
ZTE SEC IPv4 instructions
All Rights reserved, No Spreading abroad without Permission of ZTE
1

Advertisement

Table of Contents
loading

Related Manuals for Zte ZXR10 5900E Series

Summary of Contents for Zte ZXR10 5900E Series

  • Page 1 ZTE SEC IPv4 instructions All Rights reserved, No Spreading abroad without Permission of ZTE...
  • Page 2 All Rights reserved, No Spreading abroad without Permission of ZTE...
  • Page 3 Table of Contents EQUIPMENTS FOR CERTIFICATION ...................... 4 TEST INSTRUCTION FOR 5900E ......................5 TEST INSTRUCTION FOR ZXR10 8900 ....................9 All Rights reserved, No Spreading abroad without Permission of ZTE...

  • Page 4: Equipments For Certification

    Equipments for Certification The certified equipments are ZTE two types of Switches: ZXR10 5900E and ZXR10 8900 series. ZXR10 5900E series MPLS Easy-Maintenance switch adopts high-speed ASIC forwarding chips. It supports complete family of Ethernet protocols, complete L3/MPLS protocols, efficient QOS priority mechanisms and flexible management mechanisms.

  • Page 5: Test Instruction For 5900E

    Step2:Enable dhcp-snooping on global ZXR10(config)#ip dhcp snooping enable Step3:Enable DHCP snooping on vlan and assign Uplink port as trusted port ZXR10(config)#ip dhcp snooping vlan 100 ZXR10(config)#ip dhcp snooping trust gei_1/1 All Rights reserved, No Spreading abroad without Permission of ZTE...
  • Page 6 MAC:0022.3245.0005 Discard Ip:10.1.1.5 MAC:0017.314c.0001 DHCP server IP:10.1.1.15 MAC:0056.3200.0002 _ Setup Step1 :Enable DHCP Snooping function same as case A Step2: Enable ARP inspection on vlan ZXR10(config)#vlan 100 ZXR10(config-vlan100)#ip arp inspection All Rights reserved, No Spreading abroad without Permission of ZTE...

  • Page 7: _ Topology

    _ Setup Step1:Enable DHCP snooping function same as case A. Step2: Enable IP Souce guard on port ZXR10(config-gei_1/2)#ip dhcp snnoping ip-source-guard mac-ip-base Step3: Configure Static user binding table entry on vlan All Rights reserved, No Spreading abroad without Permission of ZTE...

  • Page 8: The Zte Series Has Full Support Port-Based Advanced Ipv4/Ipv6/L2 Header

    Step1: Configure port isolation session on global ZXR10(config)#vlan private-map session-id 1 solate gei_1/1, gei_1/3 G. ACLs The ZTE Series has full support port-based advanced ipv4/ipv6/L2 header ACLs The following example describes how to utilize on acl to block inbound special Source ip address;...

  • Page 9: _ Topology

    A.DHCP Snooping Configuration Procedure _ Topology DHCP Require DHCP server DHCP Ack Fake server _ Setup Step1: configure vlan ZXR10(config)#interface gei_1/1 ZXR10(config)#ipv4 protocol-protect mode dhcp enable ZXR10(config-gei_1/1)#switch access vlan 100 All Rights reserved, No Spreading abroad without Permission of ZTE...

  • Page 10: _ Topology

    _ Setup Step1 enable DHCP snooping function same as Case A Step2:enable option 82 on global ZXR10(config)# p dhcp snooping information option C. ARP source check Configuration Procedure _ Topology All Rights reserved, No Spreading abroad without Permission of ZTE...

  • Page 11: _ Topology

    ZXR10(config-vlan100)#ip arp inspection ZXR10(config)#interface gei_1/1 ZXR10(config-gei_1/1)#ip arp inspection trust ZXR10(config)#ip arp inspection validate dst-mac ZXR10(config)#ip arp inspection validate ip ZXR10(config)#ip arp inspection validate src-mac D. IP source check Configuration Procedure _ Topology All Rights reserved, No Spreading abroad without Permission of ZTE...

  • Page 12: Gei_1/3 Expiry

    Step2: Enable IP Souce guard on port ZXR10(config-gei_1/2)#ip dhcp snnoping ip-source-guard mac-ip-base Step3: Configure Static user binding table entry on vlan ZXR10(config)#ip dhcp snooping binding 001f.c674.15a8 vlan 10 10.10.40.100 gei_1/3 expiry 3600 All Rights reserved, No Spreading abroad without Permission of ZTE...

  • Page 13: Uer1 No Traffic

    Step1: Configure port isolation session on global ZXR10(config)#vlan private-map session-id 1 solate gei_1/1, gei_1/3 G. ACLs The ZTE Series has full support port-based advanced ipv4/ipv6/L2 header ACLs The following example describes how to utilize on acl to block inbound special Source ip address;...

  • Page 14: All Rights Reserved, No Spreading Abroad Without Permission Of Zte

    ZXR10(config)#acl standard number 10 ZXR10(config-std-acl)#rule 1 deny 192.168.1.100 0.0.0.0 Step2:enable ACL on port inbind ZXR10 (config-fei_1/2)#ip access-group 1 in All Rights reserved, No Spreading abroad without Permission of ZTE...

This manual is also suitable for:

Zxr10 8900 series

Table of Contents